In the best of times, 60% of companies fail within 6 months of a cybersecurity attack. Given the economic impact of COVID-19, you can’t afford to ignore the increased risks of a security breach.
While working from home, the fundamentals of basic security can be overlooked, especially if your organization doesn’t have a documented security policy.
Here are ten tips for keeping your data safe while you work remotely.
- Think before you click. Cyber criminals are distributing malware campaigns impersonating reputable organizations like the WHO and the CDC. If you want to see information from these sources go directly to their website. Don’t click email links from outside organizations.
- Protect your login. Your passwords should be unique to all of your accounts. They should be long and use a variety of characters. Each password should contain one capital letter, one number, one lower case letter, and one non-alphabetic or numeric character. Wherever possible, use multi-factor authentication (MFA) where you receive a one time code via text message, email, or through an authenticator app for greater security.
- Connect Securely. Employees should not use public WiFi to access work accounts unless they are also using a VPN. When connecting through home routers, make sure the software is updated to the most current version. Secure your network with a long, complex, unique passphrase and use different passwords from other accounts and devices you access.
- Keep your networks separate. Most commercial routers allow users to easily set up multiple networks. Put company devices on one network, and personal devices on another. Make sure to use different passwords for both.
- Backup your data. Sometimes, the intent of cyber criminals is just to erase or encrypt your data so that you don’t have it. Make sure you back it up to a protected cloud environment as well as saving it to one or multiple physical locations.
- Secure your devices. Keep them with you or closed when not in use. Never leave your devices out of sight for extended periods of time and check your surroundings to see if your screen is easily viewable for others from where you’re working.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a work-issued device).
- Use devices and applications provided by your company. It’s tempting to use applications and devices that you prefer as opposed to those approved by your security team. Unfortunately, unapproved devices can open the door for cyber attacks. Stick to what has been vetted and don’t open an unknown access point to your network.
- Update your software. Make sure that all devices you use to access your organization’s network have the most current version of software and operating systems with the most up to date security patches.
- Confirm the source. With individuals working remotely, cyber criminals are using this opportunity to spoof senior manager email addresses and send requests for wire transfers or gift card purchases. While this isn’t necessarily a threat to network security, it can be a costly mistake.