Security Best Practices While Working From Home

While COVID-19 continues to aggressively spread across the globe, many employees worldwide are facing the realities of working remotely for the first time. Simultaneously, there is increasing evidence to show that malicious actors are using concerns of the virus to prey on those same individuals. Given this, it is more important than ever before that employees understand their role in protecting their personal data and their company’s data. From home networks, to the actions of family members, to how employees conduct their work, every aspect of an employee’s remote work life plays a critical role in ensuring the future of business continuity.

In an effort to help employees and businesses around the world, here are some guidelines and best practices for how to work from home safely and securely.

General Guidance for Secure Remote Workers:

• Report any suspicious activity to your IT team.
• Remain vigilant while reading emails, messages, web browsing, and be aware of common phishing techniques. Numerous attacks have surfaced that are using COVID-19 based content as delivery mechanisms for malware.
• Avoid non-reputable websites or links that may be potentially malicious.
• Avoid public network access points (i.e. coffee shop WiFi) and stay on your home network if possible.
• Make sure your home WiFi is secured, ideally with WPA2 or WPA3. Ensure insecure features like UPnP are disabled and default logins to all devices are changed.
• Work within cloud applications such as Microsoft 365 where possible to make sure data is secure.
• Protect you and your family’s personal accounts with 2FA, staying vigilant with interactions on online platforms.
• Use strong passwords and ideally a Password Manager.
• Make use of company VPN and secure connections wherever possible.
• Make sure any data stored on your remote workstation is backed up.
• Try to limit your family’s bandwidth usage, the more devices in use (phones, game consoles, etc.), the slower your connection which can hinder your ability to work remotely.

Guidance for Employees using Personal Laptops and Desktops

• Ensure you have a reputable Antivirus and Firewall installed and turned on.
• Ensure the latest operating system and web browser updates are installed.
• Lock your personal computer when walking away from it (Win+L on Windows or Command+Control+Q on Mac).
• Avoid the use of file sharing (P2P), and other high risk applications.
• Do not store any work data on your personal devices.

DO NOT

• Use unsupported methods of communication to conduct business (We recommend using Microsoft Teams)
• Use unsupported 3rd party/free VPN software/services
• Reuse passwords across personal and company accounts
• Store company proprietary information/work on personal devices
• Leave your business accounts logged in on shared system(s)
• Use your personal email(s)/accounts to conduct company business
• Connect unknown devices (USB sticks, peripherals, etc.) to company system(s)
• Install software that may put your system(s) at risk (Unsupported remote desktop, etc.)
• Wait to report any adverse information or suspicious activity identified with company assets

RECOMMENDED TOOLS TO HELP WITH REMOTE WORK

• Microsoft Teams – great for messaging, calling, video calls, sharing files and working together
• SharePoint Online with One Drive – great for storing work data securely and accessible anywhere.
• Exchange Online – world leader in business emails, available from anywhere.
• Migrate on premise servers to Azure to be available remotely.
• Passportal – password management tool.
• Solarwinds Backup Manager – full image backup or work files only
• Bit Locker – full disk encryption as well as USB drive encryption
• Decent headset and mic

Fortunately, most business es are equipped to accommodate some level of remote work.  Should you need further assistance please give Techtron a call to see how we can help.