In the face of the coronavirus pandemic, public health experts are urging anyone who can to work from home. As our offices empty out and we move to home quarantines, we don’t need to sacrifice security for personal safety. You can stay secure and connected while you wait out the coronavirus crisis at home.
Here’s everything you need to both secure your home and see through any scams that might target people working remotely from their home quarantines:
1. Keep your home network secure
If you’re working from home (and you should be!), your home network must now protect both your personal and professional lives. Make sure it’s up to the task.
The bare minimum will be to password-protect your router if you haven’t already. Next, try these additional steps:
- Turn off SSID broadcasts. These will make it harder to find your home Wi-Fi network (for anyone you don’t want finding it)
- Filter MAC addresses. A MAC address is a network name assigned to a specific device. If your router supports MAC address filtering, it will become much harder for any unauthorized device to even attempt to connect to your router.
- Set up a guest network. A guest network is a second network you can create on your router for visitors’ devices. Depending on your router, you may be able to apply different security rules for the two different networks. In that case, secure your home and work devices behind the most stringent security rules and leave a friendlier set of rules for guest devices.
- Install a VPN on your router. If you’ve set up adequate Wi-Fi encryption on your router, you may want to set up a VPN on your router. This has unique benefits and drawbacks, so for more info, check out this VPN router setup guide.
2. Use a separate device or account for work
It’s best to keep your personal and professional devices and accounts separate. This way, if one account or device is breached, the other will remain safe.
If you do your work on a computer, chances are you can do it on a laptop. That’ll be your best bet, since it will already contain any security tools your company may have provided.
You can also use a separate user account on your home device. However, make sure you have all of the apps you need to work securely. If you rarely log into this account, it’s critically important that you update all of your software before you start work. Older versions may be incompatible with your colleagues’ software, and you may also be missing out on important security updates.
3. Use company-wide cybersecurity tools
There are plenty of different tools out there that can help keep employees secure as they work from home. There are plenty of solutions available. Personal tools – from secure browsers and browser extensions to secure messaging apps – will help you and everyone else stay secure. Before you leave the office to set up your comfy home quarantine, ask your system admin if there’s anything you should install first.
4. Encrypt sensitive files in transit and in storage
Your company’s central servers and networks might be secure (hopefully), but when all the employees work from home, anything can happen.
Fortunately, there are tools that let you encrypt sensitive files both at rest and while they’re being sent.
5. Stay informed on cybersecurity and social engineering
Hackers and scammers know that many companies are going to be sending their workers home, so they’re going to try to exploit the situation in any way they can. Conversations you once might have had face-to-face with your colleagues will now be happening online, making them easier to exploit.
Read up on different forms of social engineering and phishing so you know what to look out for. Now more than ever, scammers will try to pose as your colleagues or managers to try to get you to give up sensitive company information. You’ll find plenty of tips in the above links, but here are some basics:
- Double-check the sender. Was the instant message you just got from your boss sent by John.Doe or John_Doe? Which one is right? Was the email asking you to download an important file sent by email@example.com or firstname.lastname@example.org?
- Don’t download or click on anything until you’re sure that the sender is legit. Even then, you might want to check with your coworker before doing anything especially sensitive, like submitting a large cash transfer.
- Maintain redundant communication channels. If you’re not sure about the correct spelling of your colleague’s messaging account, call them to double-check. If you’re about to download or click on something in your colleague’s email, consider IMing them first. This will make it much harder for fake messages to hit their mark.
6. Avoid public Wi-Fi
The best reason right now to avoid public Wi-Fi is because you should be avoiding public spaces and travel, period! If you must go out, however, you should take every precaution – both for your health and your cybersecurity.
Public Wi-Fi is always a hazard, as it is far less secure than private Wi-Fi and far more likely to have malicious actors connected to it (or running it, as is the case with an evil twin hotspot). Wi-Fi isn’t the only danger in public locations. Here are just a few of the other threats you may encounter when working in public:
- USB chargers. Usually, a USB charger is just a charger. Sometimes, however, public chargers can be fitted or hacked with hardware or software that can install malware on your device or track your communication. Stick with the ones you trust at home.
- Screen snoopers. If you usually work in an office, you might be used to discussing sensitive or confidential topics openly. When working in public, you may leak that information to someone peeking over your shoulder. You’ll eliminate that risk by working at home alone or around people you trust.
Don’t forget, however, that your physical health is paramount! Public health experts say staying away from public spaces will keep you healthy, and we think it will keep you secure as well.