Still working from home? Here are some tips you should consider.

1. How to spot a phishing e-mail. It’s the perfect time for hackers to send e-mails with dangerous malware and viruses. Right now, your inbox is probably filled with “COVID-19” subject lines and coronavirus-focused e-mails.Hackers are even using a fake cdc-gov e-mail address that’s not legitimate and spamming inboxes. How can you tell a phishing e-mail from a legitimate one? Here’s a few telltale signs:

  • Look closely at the e-mail address to make sure it’s spelled correctly.
  • Hover over any links in the e-mail (DON’T CLICK) to see the ACTUAL website you’ll be directed to. If there’s a mismatched or suspicious URL, delete the e-mail immediately.
  • Watch for poor grammar and spelling errors.
  • Never download an attachment unless you know who sent it and what it is. When in doubt, call the person who supposedly sent the e-mail on the phone to verify it’s legitimate.

2. Don’t use your home computer! Because you may be required to work from home, your mindset may be, “I may as well use my home computer.” This is a dangerous mistake. Home computers and personal mobile devices could be littered with tons of downloaded music, videos, images, and more. Because it’s more exposed, it can invite malware into your business network.

Only devices that are under a vigilant watch of patching, updating, and monitoring should be used to work remotely. Provide a company-approved, secure computer/laptop for employees to use at home.

3. Improve your password strategy. When in a crisis like a pandemic or large-scale natural disaster, your passwords could mean the difference between spending time re-learning how to grow your business, and trying to recoup finances and data that’s been hacked. Steps you can take to protect your passwords:

  •  Review your current passwords and inform your team to create stronger, more complex ones.
  • Use password manager software to store all your passwords in one place. Don’t store them in your web browser just because it’s convenient.

4. The dangers of Dropbox and other file sync apps. When employees work from home, they need access to important company files. It’s easy to look at consumer-grade, cloud file sharing solutions like Dropbox, OneDrive, and Google Drive. But listen up!
These applications pose a huge threat to your company because company data can be spread far and wide without central oversight of what information is being shared with whom. Furthermore, over 7 million Dropbox accounts have been hacked, giving cybercriminals a path into the company’s network.

This is even more important if your company has access to and/or stores financial and other sensitive data. Using file-sharing applications like these are a violation of compliance laws, so don’t use them for company data. Use only company-approved, business-grade file-sharing applications.

5. Are your employees leaving a backdoor wide open? Most of your employees have wireless net-works set up in their homes. Unlike your business Wi-Fi, many home users are lax about creating secure wireless networks – leaving a backdoor open to hackers. Wi-Fi signals often broadcast far beyond your employees’ homes and out into the streets. Drive-by hacking is popular among cybercriminals today. Here are a few tips for securing your employees’ Wi-Fi access points:

  • Use stronger encryption and a more complex password
  • Hide your wireless network name
  • Use a firewall

6. Reduce cyberattacks affecting your business. We expect a rise in cyberattacks during this pandemic because of the dramatic increase of employees working from home. Far too many employers don’t think about security as their team starts working at the kitchen table.

  •  Make sure your employees are not using their home computers or devices when working.
  • Ensure work-at-home computers have a firewall turned on.

7. Don’t do this on your work laptop or PC. It’s easy to become a little more relaxed when working from the comfort of your living room or home office. Surfing over to Facebook, other social media, or even personal e-mail accounts can be very tempting.

But the ONLY thing you should use your company’s workstation or laptop for is … WORK! Check your personal accounts on YOUR personal device. Over 600,000 Facebook accounts are hacked every day. If you’re using a company device to access a compromised account, you’re opening up a door to a hacker who can then get into your company’s network via your e-mail or PC.

8. Don’t forget about securing your device. The greatest threats to your company and its data come from hackers and cybercriminals. It’s just as important, however, to ensure the physical security of your devices while working from home. Implement these recommendations:

  • Shut down your device and store it in a secure place before leaving your home.
  • Lock your computer when you step away from it. This is especially important if you have children or other family members around.
  • Place your work devices out of sight at the end of the day. Not only does it keep them from being stolen, but helps you maintain work-life balance.

9. Essential rules for all cloud applications. If you’re using cloud applications while your employees are working from home, you are justified to be concerned about data privacy and security. The company hosting your data is ultimately responsible for keeping hackers out of their network, but most cloud breaches are due to USER error. Here are a few things you can easily do to improve security in the cloud:

  • Maintain a strong password of at least eight (8) characters with both upper and lowercase letters, numbers and symbols. Do not make it easy, such as “Password123!” It technically meets the requirements, but a hacker can easily crack it.
  • Make sure the device you’re using to access the application is secure. You’ll need professional help installing and maintaining a strong firewall, antivirus and spam-filtering soft-ware. Don’t access your cloud applications with a device you also use to check social media sites and free e-mail accounts.
  • Back up your data. If the data in the cloud is important, make sure you’re downloading it from the application and backing it up to another safe and secure location. If your account gets hacked or if the cloud company shuts down your account, you‘ll have a copy.

10. One document you should have in place for times like these. Working from home poses various risks to your company, its data, and its livelihood. Although your employees may have the best of intentions, establishing a Work From Home Policy reduces these risks by providing them a clear set of guidelines and procedures.

Consult with an IT expert to develop your work from home policy. At minimum, it should include these items:

  • How remote workers are approved
  • What physical security measures are necessary at home
  • Requirements for maintaining online security, such as pass-words and cloud file-sharing
  • Use of a VPN to connect to company networks
  • Acceptable Use Policy (AUP) of company devices
  • Procedure for reporting incidents

 

If you have any questions, or need assistance setting up any of these security measures, please contact us at 888-523-2568 or email info@cssworks.com.