Working from home – How secure is it?

Vimal Ramachandran, Director

image

The current health crisis the world is witnessing today is truly unexpected and unfortunate. We have never experienced a crisis like this before that forced us to confine within the four walls of our house. When you know something like this is going to happen, you can plan things accordingly, be it related to your personal life or professional. But COVID-19 pandemic didn’t give us time to prepare. Before we could realize what was happening, the entire world entered into a lockdown.

Security

Most of the employees have started to work from home and this might pose certain challenges, specifically on the security front. There are chances of risks and the security team of an organization must identify the common risks that might arise when employees are working remotely. The security team should coordinate with the communication team and the latter must train the employees on the risks and how to manage them. This will simplify the process of security and motivate employees.

Even after training employees on these, they might encounter problems with regard to security and will be in need of help. It is always advisable to answer their queries in real-time using technology or forum, such as e-mail, Skype, teams, or any such platform. This will make security as approachable as possible and will enable the security team to quickly identify and respond to incidents.

Social engineering

The platform you are using to answer queries should have strong authentication mechanisms; otherwise, cyber attackers will see this as an opportunity to socially engineer these platforms.

Social engineering attacks are one of the greatest risks that will arise when employees work from home. The user will be prompted to make a mistake, without their knowledge and during a time like this, when you get numerous calls and emails related to the pandemic, it will be much easier to track the user. Chances of overlooking these scams are high. The solution is to train employees on what social engineering is, how to identify it, and what to do once you identify one. Even though phishing is the most common form of cyberattack, there are other modes as well and employees should be aware of these.

Strong Passwords

Weak passwords have always been one of the top reasons for security breaches and it makes the job of hacker pretty much easier. Below listed are four key behaviors to manage this risk;

  • Passphrases: Compared to passwords these are comparatively longer and ensures added security.
  • Unique passwords for all accounts: Do not give the same password to all the accounts; they should be unique and strong.
  • Password managers: This helps in storing and managing online credentials.
  • MFA (Multi-Factor Authentication): User is given access only after successfully entering two or more independent credentials.

Updated systems

The security team must see to it that the employees are using the latest version of the operating system, applications, and mobile apps. Everything should be updated, as updation helps in patching security holes.

Tips

Here are some tips for you that can be useful while working from home;

  • Here are some tips for you that can be useful while working from home;
  • Change the default admin password, enable WPA2 encryption and use a strong password for your wireless network
  • All the devices connected to home network must be protected by a strong password and should be updated. Systems should be locked while you are not using it
  • Both the operating system and applications must be patched and updated
  • Do not discuss any confidential details with clients in public
  • Keep your system in a secure place and also ensure to keep your screen private. Position it away from other people
  • Do not access any internet sites other than the access required
  • Inform IT department if you come across any abnormal activity through emails or systems
  • If you are sharing any confidential information via emails, protect it with a password. Share the password with the user in person and not through email.
  • Do not use official laptop for personal use (internet or unauthorized applications or software) and avoid carrying laptop to public places to work.

Above all, one should have the common sense to differentiate between genuine things and scams. It is easy to fall prey to scams, but difficult to get out of one.
 

Would you like to rate us on Google?         

 

Get in touch

Whatever your question our global team will point you in the right direction

Start the conversation
Get in touch
x
x

Share to:

Copy link:

Copied to clipboard Copy