The pandemic has resulted in more people working from home for the first time.
This has now made working from home cyber security a requirement for most businesses.
We’ve put together these cyber security tips to help protect your business whilst working from home;
1. Be Aware of Scams
Working from home increases the risk of targeted cybercrime.
Criminals see crisis as an opportunity and are targetting people who are transitioning to working from home.
The COVID pandemic is being used by cybercriminals to scam people, when you are working from home you should:
- Be vigilance when receiving phone calls, messages and emails – especially from unknown recipients.
- Exercise caution when opening messages, attachments, or clicking on links from unknown senders.
- If in any doubt, check with your IT professional.
2. Use Secure Remote Access
Use a secure solution to remote access your company network. We recommend one of the following:
- An encrypted VPN connection, OR
- A secure Remote Desktop Gateway, OR
- Splashtop or alike with 2FA enabled
Now is also a good time to check and audit your main office network security
3. Working From Home Cyber Security Checklist
Run through our check list to ensure best practice home IT security:
☐ The physical environment used for home working is secure and screens are only viewable to yourself.
☐ Company data remains only on company computers or cloud platforms and is never copied, saved or downloaded to personal devices.
☐ Sessions that connect to business devices, services or data are logged out during breaks and when work is finished.
☐ A secure and adequate firewall router is in place, preferably with no open ports.
☐ If wireless is used, it is configured with suitable security (WPA2 or WPA3 is preferred) and uses a hard to guess password and is NOT set to open/shared without any password.
☐ Public wireless is not used to access work systems, even if the work systems are cloud hosted.
☐ Default usernames and passwords on all network devices have been changed.
☐ Firmware on all network devices is up to date.
☐ Multi-Factor Authentication has been enabled on services, wherever possible.
☐ Strong passwords or passphrases are being used.
4. Personal Devices – Cyber Security Checklist
If personal devices are used for work we recommend the following conditions:
☐ Devices are personally owned by the employee and not public, shared or borrowed.
☐ Use a currently supported operating system with appropriately licensed software applications.
☐ Are up to date with Windows security updates and computer manufacturer firmware, BIOS and drivers.
☐ Run adequate anti-virus software that is kept up to date.
☐ Use a ‘Standard’ user account with complex password that is not shared, and only used by the employee (Administrator accounts should not be used on personal devices when working from home).
☐ Have a screen lock out policy the goes to the login screen after a period of inactivity (5-15 minutes is great, 5 minutes is ideal but not suitable for everyone).
☐ If using a VPN, implement full hard drive encryption (Microsoft’s Bitlocker in Windows 10 Pro or Device Encryption in Windows 10).
5. Working From Home – Cyber Security Links
Struggling to think of a strong password?
The NCSC (National Cyber Security Centre) provides guidance here.
Not sure about your wireless security?
Worried about open ports on your router?
YouGetSignal.com has a handy tool that has the option to scan commonly used ports.
Want to make sure your computer goes to lock screen?
The simplest settings to check are mentioned on answers.microsoft.com
We hope some of these home cyber security tips can be used to help protect your business.
If you need further IT advice about working from home, call us on 0422 778586.