COVID-19 has many companies allowing or encouraging workers to work from home. Tele-commuting via computer is common, but not normally practiced. One of the potential threats to company data and files can be employees working from home using insecure data networks, or not having the same security protocols as they would in the corporate world.
“Security is crucial, as hacks and data leaks don’t only bring financial loss — they may also mean lost customer trust or even bankruptcy. When working from home, people tend to be more relaxed, browse unsecured personal sites, and make unknowing but deliberate mistakes. This poses a severe threat to companies’ cybersecurity,” says Daniel Markuson, an expert at NordVPN Teams.
Cybercriminals and fraud artists are also likely working from “home” and they remain determined to do their dirty deeds.
In the face of the coronavirus pandemic, public health experts are urging anyone who can, to work from home.
Here are some ideas and tips to ensure companies and employees are cyber-safer:
Daniel Markuson’s tips on secure remote working:
1. Keep home network secure
If you’re working from home, your home network must now protect both your personal and professional lives. Make sure it’s up to the task. The bare minimum will be to password-protect your router. Next, try these additional steps:
- Turn off SSID broadcasts. These will make it harder to find your home Wi-Fi network.
- Filter MAC addresses. A MAC address is a network name assigned to a specific device. If your router supports MAC address filtering, it will become much harder for any unauthorized device to connect to your router.
- Set up a guest network. Depending on a router, you may be able to create two different networks with different security rules for your work, personal life, and family members.
- Set up a proxy server. Proxy servers can easily be used to increase speeds and save bandwidth on a network by compressing traffic, caching files, and stripping ads from websites. You just need to know where to buy proxy – legitimate places that will allow you to select the most suitable secure options for you.
2. Use a separate device or account for work
It’s best to keep personal and professional devices and accounts separate. This way, if one account or device is breached, the other will remain safe.
You can also use a separate user account on your home device. However, make sure you have all of the apps you need to work securely, and they are all updated. Older versions may be missing out on important security updates.
3. Use company-wide cybersecurity tools
There are plenty of different tools that can help keep employees secure as they work from home. Some of the simplest and most powerful are NordVPN Teams or NordVPN’s Dedicated IP for individuals. Here’s how they work:
- A company applies to whitelist to all of its servers and systems. Whitelisting is like a strict bouncer at a club – if your IP address isn’t on the list, you can’t get in.
- Using NordVPN Teams or Dedicated IP, you can set your IP address to one of the approved addresses. You can do this from anywhere in the world, effectively granting yourself encrypted access to servers and systems you otherwise only could’ve accessed at your office.
There are plenty of other solutions as well – from secure browsers and secure messaging apps to password managers, like NordPass.
4. Encrypt sensitive files in transit and in storage
The company’s central servers and networks might be secure, but when all the employees work from home, anything can happen.
Fortunately, there are tools, like NordLocker, that let you encrypt sensitive files both at rest and while they’re being sent. By linking your account with your colleagues’, you will be able to ensure end-to-end encryption for your most sensitive files.
5. Stay informed on cybersecurity and social engineering
Now more than ever, scammers will try to pose as your colleagues or managers to try to get you to give up sensitive company information. Here are some basics:
- Double-check the sender. Was the email asking you to download an important file sent by john.doe@yourcompany.com or john.doe@almostyourcompany.com? Which one is right?
- Don’t download or click on anything until you’re sure that the sender is legit. Even then, you might want to check with your coworker before doing anything sensitive, like submitting a cash transfer.
- Maintain redundant communication channels. If you’re not sure about the correct spelling of your colleague’s messaging account, call them to double-check.
