Work Home Securely

Work From Home Securely!

The Internet and progress in technology have made it possible for many users to carry out regular duties from home. Sadly, there is a downside, users are more exposed to cybersecurity threats while working remotely. Remote workers might have their sensitive data put at risk, but working from home could result in breaching company security too.

In this blog, we reveal tips to help you stay safe online so you can do your job in a secure manner.

Cybersecurity tips for remote workers

Before taking measures to protect yourself online, the first step is to check in with your employer to see if they have any security protocols in place.

Companies should review their incident response plans to ensure they are well prepared for responding to any data breach or security incident. Update the plans if necessary, after getting in touch with your response team and/or outside advisors.

Many employees are not aware of their cybersecurity obligations, and some may have never worked remotely before. Providing guidance to all employees is critical. The increased cybersecurity risk of remote work reinforces the need to have a plan in place if something goes sideways.

Security Awareness Training

Now, more than ever, employees are the weak link in an organization’s network security, so they need to be trained continuously. We help companies better manage the problem of social engineering and create a human firewall.

Simulated Phishing Campaigns

We create phishing simulations to test employees’ awareness to potentially harmful emails, from who opened, clicked, and entered credentials.

We shall notify the employee that the email was a test showing him/her the key indicators within the email to watch out for, from incorrect/mis-spelled domain names to hovering over links within the email. In addition, we will provide management with a report of the results.

Training Videos and Newsletters

We provide access to training videos and newsletters focused on numerous areas for your respective business: from CEO Fraud, Ransomware, Strong Passwords, PCI compliance, Credit Card Security, GDPR, Mobile Device Security, Safe Web Browsing, etc.

Advanced Phishing and Spam Protection

With the rise in the number of people working from home due to the novel coronavirus outbreak, no doubt there will be hackers looking for easy money. Most likely, phishing emails will target remote workers now in attempt to steal sensitive data and/or gain access to key accounts.

Tip:

To identify a phishing email, check the sender’s email address, the subject line and email body for spelling errors – poorly written content. Hover over links to see the URL and don’t click links or open attachments unless you’re sure you recognize the sender. If you don’t, contact the sender using a phone number or email address that you find elsewhere, not the one provided in the suspicious email.

If you do click a link and land on a legitimate-looking page, be sure to check its credibility before entering any sensitive information.

NOTE! Usual signs of a phishing website include lack of an HTTPS – green padlock symbol (although some phishing sites have SSL certificates installed), misspelled domain names, bad grammar, lack of an “About” page, and missing contact information.

As you probably know, Verizon’s data breach investigation report found that 66% of malware is installed via attachments in phishing emails.

Malware and ransomware are here to stay, so we strongly suggest all companies, especially during crisis situations, to use email protection and continuity products that helps defend against the latest threats, from spear-phishing, ransomware, impersonation and other targeted attacks.

Multi-Factor Authentication

Implement and enforce two-factor or multi-factor authentication (MFA). If you haven’t turned on MFA yet, now is the best time to do it because having a strong password isn’t always enough.

The 2017 Verizon Data Breach Report revealed that 81% of hacking-related breaches leverage either stolen and/or weak passwords, an obvious increase from 63% reported in previous years.

Establishing multi-factor authentication by sending a second randomly generated pass code to your phone for your Office 365, GSuite and to other key accounts will further protect you and your organization from malicious actors.

Back up your data.

Data can be lost in numerous ways, including human error, physical damage to hardware, or a cyberattack. Ransomware and other types of malware can wipe entire systems without you noticing it.

Therefore, you need a secure, easy-to-use cloud backup solution to protect your data. We offer a comprehensive suite of affordable services for data protection and recovery – a perfect solution for executives focused on protecting key information, but flexible on business continuity.

Some SaaS/cloud users believe that doing back-ups isn’t necessary for their data because it exists in the cloud. Unfortunately, human error, phishing emails or malware can cause data loss. SaaS/cloud providers protect your data from hardware failure, software failure, natural disasters, and power outages.

We can help protect your Office 365 and GSuite data from human error too by providing automated backups once a day that capture point-in-time snapshots of each users’ relevant app data. Your data is secure, easily recoverable, and protected.

Web Protection (DNS)

Adding our Web Protection service, your business will get an additional layer of protection between the employee and the internet by blacklisting dangerous sites and filtering out unwanted content, in the office or at home.

The domain name system (DNS) works like a phone book for the internet. When your employee enters a domain, the DNS server will take that piece of information and translate it into the unique internet protocol (IP) address that allows the browser to open the desired website. Unfortunately, DNS protocols are highly vulnerable to cyberattacks.

By redirecting users’ web traffic through a cloud-based, DNS security solution, businesses can finely adapt and enforce web access policies, ensure regulatory compliance, and stop threats at the network’s edge.

Secure your home router.

Do you remember changing your router password when it was first installed? It’s important to take simple steps to protect your home network to prevent malicious parties getting access to connected devices.

Changing your router password is a good first step, but there are other actions you can take. For example, you should make sure firmware updates are installed so that security vulnerabilities can be patched.

Tip:

The encryption should be set to WPA2 or WPA3. You should then Disable WPS (Wi-fi Protected Setup) and UPNP (Universal Plug and Play) features. You may also want to disable remote access to your router’s admin panel.

Install updates regularly.

Updates often include patches for security vulnerabilities that have been uncovered when the last version of the software was released.

Usually, you can set updates to run automatically, often outside working hours, so you don’t have to worry about downtime.

Use an antivirus software.

Although a firewall can help, some threats can get through. A good antivirus software can act as the next line of defense by detecting and blocking known malware.

Even if malware does manage to find its way onto your device, an antivirus may be able to detect and remove it.

Always lock your device.

If you do have to work in a public space, or if you live with people who you can’t share business information with, then it’s important to keep your device secure. Password-locking your device is imperative as it usually encrypts its contents until someone enters the password. When possible, use fingerprint or face/iris recognition in addition to password locking.

Please post your comments bellow. Stay vigilant!