The pandemic has resulted in more people working from home for the first time.
Which is making working from home (WFH) an IT security requirement for most businesses.
So, we’ve put together some IT security tips that will help to keep you safe whilst working from home;
1. Be Aware of Scams
Working from home increases the risk of targeted cybercrime.
Criminals see crisis as an opportunity and businesses transitioning to working from home are a target.
The COVID-19 pandemic is being used by cybercriminals to try and scam people. Whilst working from home you should:
- Be vigilance when receiving phone calls, messages and emails – especially from unknown recipients.
- Exercise caution when opening messages, attachments, or clicking on links from unknown senders.
- If in any doubt, check with your IT professional.
2. Use Secure Remote Access
Use a secure solution to remote access your company network, such as;
- An encrypted VPN connection, OR
- A secure Remote Desktop Gateway, OR
- Splashtop or similar software product (with 2FA enabled!)
Now is also a good time to check and audit the network security at your office.
3. Working From Home IT Security Checklist
Run through our check list and ensure you are following best practice working from home IT security:
☐ The physical environment used for home working is secure and screens are not viewable to anyone but yourself.
☐ Company data remains on company computers or cloud platforms and is never copied, saved or downloaded to personal devices.
☐ Sessions that connect to business devices, services or data are logged out during breaks and when work is finished.
☐ A secure and adequate firewall router is in place, preferably with no open ports.
☐ If wireless is used, it is configured with suitable security (WPA2 or WPA3 is preferred) and uses a hard to guess password and is NOT set to open/shared without any password.
☐ Public wireless is not used to access work systems, even if the work systems are cloud hosted.
☐ Default usernames and passwords on all network devices have been changed.
☐ Firmware on all network devices is up to date.
☐ Multi-Factor Authentication has been enabled on services, wherever possible.
☐ Strong passwords or passphrases are being used.
4. Personal Device IT Security Checklist
If personal devices are used for work we recommend the following conditions:
☐ Devices are personally owned by the employee and not public, shared or borrowed.
☐ Use a currently supported operating system with appropriately licensed software applications.
☐ Are up to date with Windows security updates and computer manufacturer firmware, BIOS and drivers.
☐ Run adequate anti-virus software that is kept up to date.
☐ Use a ‘Standard’ user account with complex password that is not shared, and only used by the employee (Administrator accounts should not be used on personal devices when working from home).
☐ Have a screen lock out policy the goes to the login screen after a period of inactivity (5-15 minutes is great, 5 minutes is ideal but not suitable for everyone).
☐ If using a VPN, implement full hard drive encryption (Microsoft’s Bitlocker in Windows 10 Pro or Device Encryption in Windows 10).
5. Working From Home IT Security Links
Struggling to think of a strong password?
The NCSC (National Cyber Security Centre) provides guidance here.
Not sure what wireless security you have?
Worried about open ports on your router?
YouGetSignal.com has a handy tool that has the option to scan commonly used ports.
Want to make sure the computer screensaver goes to the lock screen?
The simplest settings to check are mentioned on answers.microsoft.com
We hope these working from home IT security tips can be used to help protect you and your business.
If you would like further advice about working from home cyber security, call James on 0422 778586.