The COVID-19 pandemic has resulted in many people working from home for the first time.
This has made working from home with secure IT a requirement for most businesses.
These IT security tips will help keep you safe when working from home;
1. Be Aware of Scams
Working from home has specific cyber security risks, including targeted cybercrime.
Criminals see crisis as an opportunity and businesses transitioning to working from home can be a target.
Be aware that the COVID-19 pandemic will be used by cybercriminals to try to scam people. While working from home you should:
- Exercise vigilance when receiving phone calls, messages and emails.
- Exercise caution when opening messages, attachments, or clicking links from unknown senders.
- If in any doubt, check with your IT professional.
2. Use Secure Remote Access
Use a secure solution to remote access your company network, such as;
- An encrypted VPN connection, OR
- A Remote Desktop Gateway, OR
- Splashtop or similar software (using 2FA)
Now is also a good time to check and audit the network security in your company office.
3. Working From Home IT Security Checklist
Complete this check list to ensure you’re following best practice working from home IT security:
☐ The physical environment used for home working is secure and screens are not viewable to anyone but the employee.
☐ Company data remains on company computers or cloud platforms and is never copied, saved or downloaded to personal devices.
☐ Sessions that connect to business devices, services or data are logged out during breaks and when work is finished.
☐ A secure and adequate firewall router is in place, preferably with no open ports.
☐ If wireless is used, it is configured with suitable security (WPA2 or WPA3 is preferred) and uses a hard to guess password and is NOT set to open/shared without any password.
☐ Public wireless is not used to access work systems, even if the work systems are cloud hosted.
☐ Default usernames and passwords on network devices have been changed.
☐ Firmware on network devices is up to date.
☐ Multi-Factor Authentication has been enabled wherever possible.
☐ Strong passwords or passphrases are being used.
4. Personal Device IT Security Checklist
If personal devices are used for work we recommend the following conditions:
☐ Devices are personally owned by the employee and not public, shared or borrowed.
☐ Use a currently supported operating system with appropriately licensed software applications.
☐ Are up to date with Windows security updates and computer manufacturer firmware, BIOS and drivers.
☐ Run adequate anti-virus software that is kept up to date.
☐ Use a ‘Standard’ user account with complex password that is not shared, and only used by the employee (Administrator accounts should not be used on personal devices when working from home).
☐ Have a screen lock out policy the goes to the login screen after a period of inactivity (5-15 minutes is great, 5 minutes ideal but not suitable for everyone).
☐ If using a VPN, implement full hard drive encryption (Microsoft’s Bitlocker in Windows 10 Pro or Device Encryption in Windows 10).
5. Working From Home IT Security Links
Struggling to think of a strong password?
The NCSC (National Cyber Security Centre) provides guidance here.
Not sure what wireless security you have?
Worried about open ports on your router?
YouGetSignal.com has a handy tool that has the option to scan commonly used ports.
Want to make sure the computer screensaver goes to the lock screen?
The simplest settings to check are mentioned on answers.microsoft.com
We are facing unprecedented and challenging times with the COVID-19 pandemic upon us.
We hope these working from home IT security tips help to protect you and your business.
If you would like further advice on working from home, call 0422 778586 for friendly advice.