How to Work from Home Securely
Hey, I’m Aleksandr Maklakov, Chief Information Officer at Clario. Right now I’m working from the comfort of my home, just like the rest of the Clario team.
The shift to remote work wasn’t easy. We worked hard to make sure all our employees were well-prepared to work from home both comfortably and securely. While the change to our workforce’s culture has been challenging, on the bright side, I bought myself an amazing ergonomic chair and a cool desk for my “home office”. Loving it!
Anyway, that’s not what I wanted to tell you. In view of the coronavirus pandemic, you probably had to start working from home too, just like numerous professionals around the world. With so much upheaval to our working lives, now is not the time to fall victim to a nasty virus or hacker attack. So let’s make sure your working from home setup is protected as strongly as possible.
It’s great if your company provided you with a secure laptop, safe connection tools, and clear instructions on staying safe while working from home. If that’s the case, you probably won’t need to do much about the first five tips below (however, you’d better double-check to ensure everything is in place).
Yet, if you work on your own computer, be sure to do the following to enhance your IT security and protect yourself and your network.
Here’s how to work from home effectively and securely:
1. Keep your operating system up-to-date
From time to time, tech experts notice vulnerabilities in operating systems (OS). But sometimes, hackers discover them first. When the latter happens, the bad guys start exploiting these flaws and any user can become a victim. For example, in 2020 major security holes were found in Windows 10; it happened in January and March. What’s more, vulnerabilities were discovered in macOS as well.
Microsoft and Apple usually fix the flaws quickly. But then, it’s your turn: you need to install the updates to become protected. This is why it’s important to set up automatic updates to your computer and confirm them as soon as the notification appears.
2. Create individual accounts on your computer
Things can become messy if you use your personal computer for work and you share it with family members. The best practice is to create individual accounts for you, your spouse, and children. Also, create a separate admin account, and make sure all the accounts have different passwords.
Why is having individual accounts important? First, no one will be able to accidentally delete your work files or mess with your emails. Next, if someone in your family gets a malicious program, its impact will be limited to their account. As none of these accounts have admin rights, it will be harder for a hacker to cause much harm elsewhere.
3. Keep your security software running and updated
Second, use a reliable antivirus program. Just as with your OS and other software, be sure to have your antivirus updated regularly. This is what makes it effective in the fight against the newest malware.
By the way, antivirus solutions usually protect your computer at large, including any user accounts you have. Thus, you don’t need to install a separate antivirus for each individual family member.
4. Use a VPN
If your company took good care to connect you securely with corporate resources, they will have provided you with VPN software too. What is it and why do you need it? Connection through a virtual private network (VPN) is encrypted and your IP address is hidden. This way, any information sent via a VPN stays between you and your employer.
If you weren’t equipped with a VPN but you still care about the privacy of your communication with an employer, consider getting a VPN service. Go for a paid and reputable one, as free VPNs may monetize by selling your data.
5. Set up data encryption
If you store sensitive data on your computer, you may want to encrypt your hard drive for enhanced protection. This means your data will be ciphered and protected stronger than just with your account password. Hackers won’t be able to read your documents, even if someone steals your laptop and puts a hard drive into another computer to overcome password protection.
Encryption is available in macOS and some versions of Windows (but notably, not with the Windows 10 Home edition).
Check out the instructions for Apple’s FileVault and Microsoft’s BitLocker if you want to set up encryption. Note that you’ll need to remember a password and safely locate a recovery key or you risk losing access to the data yourself.
6. Use two-factor authentication
Two-factor authentication (2FA) is a more secure login method when you confirm your identity in two different ways. For example, you enter a password to your account, then you also have to provide a code sent to your mobile phone. You’ve probably used such a process in your banking app.
While this method is better than the mere use of a login and a password, SMS codes are not exactly hacker-proof, as these messages can be intercepted. As a more reliable 2FA alternative, you can try Google Authenticator. It’s a free app available for both Android and iOS. After you install and set it up, Google Authenticator will generate one-time passwords to confirm your logins to accounts you choose.
To sum up, if you opt for 2FA, hackers won’t be able to break in with just your password. They’ll need to steal your phone, too, which is unlikely. This is especially important if your password is not as strong as it should be.
7. Protect your router
That little box that radiates Wi-Fi all over your home can also be a handy starting point for hackers. Let’s make sure this is as secure as possible.
Your router comes with a default login and password. Hackers can easily find this information and break into your network. Hopefully, you changed these credentials long ago; if not, switching to remote work is a good time to do so. Find your router’s default IP address on the router itself, in its user manual, or on this website. Enter the IP address in your browser’s search bar. Next, enter the router’s default login and password (you can find them in the same way as the IP address). Then, change your router’s login and password to something unique and stronger.
Another thing you can do to enhance your security is to change your router’s DNS server address to 184.108.40.206. This way you’ll use this service to protect you from accidentally opening a malicious website or break communication of malicious software if you have something on your computer. Follow the instructions to make changes.
8. Regularly back up your files
Making copies of all your files is another important practice. Even if your laptop is well-protected from hacker attacks, it can still fall down and crash. I hope it won’t happen but an ounce of prevention is worth a pound of cure.
You can easily make a backup by means of macOS or Windows. You will just need an external drive for your copies. On your Mac, follow the instructions for Time Machine; on a Windows computer, use File History. You can set up automatic updates as often as every hour, and never bother with the process again.
9. Beware of phishing emails
These days, many scammers are looking to exploit the general interest in the coronavirus pandemic. They are currently sending lots of phishing emails promising to sell you a vaccine or inviting you to support a healthcare charity. Alternatively, fraudsters are posing as the World Health Organization, your employer, or a governmental body and inviting you to follow a certain link or download an attachment. In addition to emails, scammers are setting up fake websites and advertising them online.
In all these cases, the sole goal of cybercriminals is to swindle your money or your personal information. Thus, be very careful with any coronavirus-related emails, websites, and apps. Only use official websites for updates.
10. Be careful with corporate data
Wherever you deal with corporate information, be it in the office or at home, you have to remember it’s confidential. If you want to boast about your awesome home workplace (mine’s shiny new and cool, by the way!), don’t post photos with corporate emails or documents on your screen.
Similarly, be careful when sharing cloud documents, such as Google Docs. Don’t make your docs public or available to all your colleagues; instead, share them directly with any relevant teammates and only provide the necessary level of access (viewing, commenting, or editing).
If you need to take a screenshot, use inbuilt tools on your Mac or Windows computer. Don’t use online services for this purpose. They might seem handy, as you upload a captured image and easily share it with colleagues via a link. However, these links are also accessible to anyone on the internet. Don’t make your company’s secrets easy prey for hackers.
What to do if something went wrong?
If you didn’t have an opportunity to secure your computer and you already notice suspicious signs, don’t panic. A slowdown of your computer, lots of pop-up ads, or the appearance of unfamiliar apps may all point to a virus infection. In this case, just take the following steps:
- Disconnect from your corporate VPN if you used it. It helps prevent spreading viruses to all other devices in the corporate network
- Install an antivirus, then scan your entire computer
- Contact your company’s IT department
Be sure to follow the notifications from the antivirus app and the instructions of IT specialists. Remember, it’s important not to ignore the malware and get rid of it completely.
* * *
I hope that these working from home tips were useful for you and you won’t face any difficulties while working remotely. Now that you’ve secured your computer, you can sit back on your couch and relax. Though, I’d still recommend you get a cool ergonomic chair. Just like mine!
We’d like to stay in touch.
We’ve got something special to share! Enter your contact details below to be among the first to find out about the exciting changes we’ve got in the works as well as to receive special promotions.
Thanks for your subscription!
You’ll be the first to know about our updates. Please keep an eye on your mailbox.