Founder @ NowSourcing. Contributor @ Hackernoon, Advisor @GoogleSmallBiz, Podcaster, infographics
When countless companies switched to distributed workforces, one thing often got neglected: digital security during remote work, despite the fact that cyberattacks have been booming since the start of the pandemic.
By August, the FBI’s Cyber Division had already registered a 400% rise in cybercrime since the start of the year. During the same time, ransomware attacks increased by a mind-boggling 800%.
And yet, a meager 20% of companies with work from home (WFH) policies made cybersecurity a priority.
This leaves you to protect yourself.
So what can you do to boost your digital security during remote work?
Here are 10 simple steps for a secure home office - during the pandemic, and after.
First, tighten the security on your router. Otherwise, someone else with access to your network could reverse all your subsequent security changes.
Basically, you have to change your router’s admin credentials. Unfortunately, the default settings are often easy to crack.
To fix this, change your password to something more complex (at least eight characters long, also including numbers and symbols).
Next, step up your Wi-Fi security game.
Start by changing your network name. Again, the default settings are often vulnerable. In many cases, they give away your router type, which makes hackers’ lives easier.
When picking a new network name, make sure that it doesn’t divulge any personal information.
Then, it’s time to adjust settings.
First, disable WPS. In general, WPS allows a device to connect to your network at the push of a button on the router. That is handy - but also leaves you vulnerable to attacks.
After that, enable the best encryption your router offers. WPA2 is the minimum, and if it comes with options, choose PSK or AES over the older TKIP. WPA3 is the newest standard - and very secure - but not yet a widespread option.
If only WEP or WPA options are available, you’re actually better off disabling Wi-Fi and using an Ethernet connection, or getting a new router.
Avoid public networks for any sensitive online tasks.
Even with widespread encryption, public Wi-Fi is still a gold mine for seasoned hackers.
If you can’t get around using public networks for remote work, at least protect yourself.
The easiest way to do that is to install a VPN, a virtual private network. This will help you establish a secure connection and make things difficult for hackers.
Choose strong passwords.
This may sound like an absolute no-brainer. Still, 80% of breaches in 2019 happened thanks to weak or compromised passwords.
To make your life easier, consider using a password manager. This is a program that will automatically store your passwords, suggest new ones, and alert you to weak spots.
Alternatively, there are a few memory techniques that can help you remember complex passwords yourself.
On all your devices, enable encryption settings. In most cases, this is the default - but you should still check.
Even though it’s only a single click, setting up encryption is a major security boost. Not even the FBI could crack encryption on two suspects’ iPhones - they had to go to Apple for help.
Another setting to enable is find-my-device. If your phone, tablet, or laptop does get stolen, this gives you a better chance of tracking it down.
Some devices now offer remote wipe features. These let you delete files at a distance. It’s especially handy if work devices with sensitive data get stolen or lost.
Finally, make sure that you properly lock your phone and tablet. Unlocking your phone with a pattern swipe may be handy, but it’s also easy for hackers to crack.
Biometric security is a step up, but a plain old PIN is still the most secure option you have.
2FA is critical for digital security during remote work - and in your private life. It means that to access an account, you need both the password and a physical device to which a code or an app notification will be sent.
This may be a minor inconvenience if you just quickly want to check an account. But it is also an excellent defense against hackers.
A study by Google found that using 2FA with an on-device prompt prevents 100% of automated bot hacks and 99% of bulk phishing hacks. It even helps thwart 90% of targeted hacking attacks.
This means that even if someone actually hired a professional hacker to get at your data, 2FA would stop them 9 out of 10 times.
Updates can be irritating to install. Honestly, it’s tempting to tell your computer or phone to ‘try again later’ so you can finish typing that report or watching that Netflix show. However, not updating your apps and OS makes you an easy target.
Most hackers don’t look for new weaknesses. Instead, they exploit known vulnerabilities, even though development teams have already fixed them. That’s because there are always users who haven’t installed the necessary updates yet.
In fact, statistics show that 60% of digital security breaches involved vulnerabilities for which a patch was available, but not yet applied by users.
The easiest way to protect yourself is to enable auto-updates on all important apps and systems. Alternatively, schedule a weekly update time when you install all available bug fixes and patches.
If you have dedicated WFH devices, use them. And keep your private business separate.
Not only do company devices usually have better security to protect the larger amounts of sensitive information they store, but malware and bulk phishing hacks also occur more frequently during free-time usage.
When choosing apps related to security - especially VPN and antivirus - invest in quality.
Read the fine print, compare features, and read reviews. Often, a slightly more expensive option offers much better protection.
If your company provides security apps for remote work, check with your administrator about optimal settings and recommended scan frequencies.
Finally, you can protect yourself by staying informed.
Scams have been evolving fast in 2020. For example, the World Health Organization has been struggling to contain Corona-related cyberattacks using WHO credentials and signatures.
Stay on your guard. Sign up for cybersecurity newsletters, or regularly check cybersecurity blogs. You’ll be able to recognize and evade common attacks.
Remote work increases cybersecurity risks. That much is clear from statistics. Even though many companies don’t have a clear digital security policy, there are still simple steps you can take to protect yourself.
From protecting your Wi-Fi and enabling 2FA to password hygiene and staying up to date with scams, you can step up your security game.
That way, you can work from home in peace - and hackers will be left gnashing their teeth in frustration.
Create your free account to unlock your custom reading experience.