Covid 19: 7 Simple Cybersecurity tips to Working from Home
Due to the Coronavirus (Covid-19) pandemic, World Health Organization (WHO) strongly advises that you stay at least 3-feet away from anyone who is either sneezing or coughing. People are also avoiding social gatherings and businesses are putting in place every possible contingency plan to prevent significant disruptions in their activities.
One of these plans is to allow employees to work from home.
From virtual event platforms to web conferencing, etc., there are a lot of digital tools that make working from home more comfortable. It may not be all good, though.
Cybercriminals are using this as a window of opportunity to launch attacks on susceptible people working from home. The plan is to fool you into clicking malicious links and give out your confidential information like credit card information and passwords etc.
The European Union Agency for Cybersecurity (ENISA), reports that there has been an upsurge in phishing attacks during this period. The union advises that telecommuters shouldn’t mix personal and work activities on single devices.
Besides, it would be best if you also were careful with emails that reference to Covid-19.
Here are other top seven tips to stay safe working from home during this challenging period.
1- Secure Your WiFi Connection
First, ensure that the Wi-Fi router has the latest security patches or updates installed and turn off UPnP to make your router ignore all access requests from devices in your local network to block any malicious access attempts.
Second, make sure that you have WPA2/WPA3 turned on. This will be vital in helping you lockout malicious unauthorized devices from accessing the network. Insecure Wi-Fi connections do not use any form of encryption for data that moves across their airwaves and makes it very easy for eavesdroppers to sniff on your traffic and steal your private information.
Lastly, ensure that your devices connect to a trusted Wi-Fi network only. Anyone can spin up a Wi-Fi within your proximity with the well-known SSID such as “Xfinity”, etc. and your device may automatically connect to such network. This would be equivalent to using a public Wi-Fi network, which is used to compromise user’s credentials, systems, to spread malware, or for DDOS attacks.
If you work from home, therefore, you must secure your Wi-Fi connection.
2- Strong VPN Connections
Virtual Private Network (VPN) connections are must-have if you wish to secure your traffic from insecure Wi-Fi or would like to gain access to the internal corporate networks securely. They will help you create a secure connection with the company devices and ensure that man-in-the-middle attackers cannot interfere with the data you receive or share.
You must use a corporate VPN with a full tunnel because it provides you with a secure and encrypted tunnel for transmitting data between your home computer and the company’s network.
Even if you work for yourself, it’s still advisable that you get a reliable VPN connection to protect your privacy. Remember to choose a provider that offers privacy protection.
3- Update all your Systems to Latest Versions and Security Configurations
It’s prudent that you don’t put off software updates for too long. If you use, for example, Mac or Windows laptop, make sure that you have all the latest updates installed.
For your information, these updates usually come with repairs and patches that repair security holes in the programs and remove bugs in them. The updates also improve the performances of these devices.
As an extra measure, be sure to install reputed AntiVirus/AntiMalware and ensure that all of them are up to date. This will help you defend against new threats as they emerge.
4- Avoid the Use of External Peripherals
The inexpensive nature and portability of external peripherals like USB sticks/USB drives make them a desirable option for attackers to spread viruses and malware. Some of these viruses are so sophisticated that they will ‘know’ immediately when you insert the USB sticks to your computer and initiate malware download.
Your best bet, therefore, is not to use any untrusted storage devices that you find anywhere. If you have to use them, only use company authorized devices that are protected with enterprise-level encryptions.
5- Keep Your Personal and Corporate Emails Access Separate
It’s never a good idea to mix your personal emails with corporate emails because your personal emails may not have DLP and anti-spam/anti-phishing protections on the mailboxes as you would have on corporate emails. Because of this, you could be exploited via personal email, and then attacks could be launched on the corporate assets and network.
6- Always Use MFA
Multifactor authentication is a security system designed to help in verifying the user details through multiple credentials. When you use it to authenticate the VPNs, Emails, and other vital resources, it won’t ask for the username and password alone.
Instead, it will also request for extra credentials like “secret security code that’s sent to your smartphone, facial recognition, fingerprint detection, security token or answer to security questions,” etc.
This is critical in that if any of your credentials are leaked, the threat actor won’t be able to access your accounts and gain authorized access to the data or resources.
7- Do Not Click Links or Download Email Attachments from Unknown Senders
Did you know that over 90 percent of malware is usually delivered via email? Well, it involves a social engineering attack mechanism–phishing, which is also responsible for over 80 percent of reported cases.
The attacker’s goal is always to convince you to click malicious links or download malicious attachments in your devices. If you wish to be safe; therefore, don’t click any links in emails from unknown senders or download attachments.
Also, during this period, be wary of emails referencing to Covid-19 and those pressing you to download attachments or click links in them. Usually, these links will lead you to malicious websites where malware is installed on your computer/laptop in seconds.
In summation, Covid-19 is a real threat, but security starts with you. Be sure to maintain the health guidelines given out by WHO when you work from home.
It’s also vital that you don’t use shared workspaces during this period and if you must use one, be sure to sanitize your hands always and remember to lock your screen every time you’re not using your computer.
Together we will get through this!
If you have questions please don’t hesitate to contact us via our website to schedule a free consultation.