Working from home, an arrangement that was once a luxury for just a select few individuals has become necessary for millions as the Covid-19 pandemic rages through 2021 and continues to force us all to rearrange our lives. For many, this has meant turning kitchen tables, dining rooms, and any other shared spaces in the house into offices. For many others, it has meant converting a room reserved for something else into a space resembling an office, adapting any way we can.
This has been an adjustment, but many are finding that this crisis has pointed out just how many of us really can do our jobs from home. As a result, around one-quarter of companies plan to keep their pandemic-induced work-from-home policies in place even after this public health emergency comes to an end.
In general, this is excellent news. Yet working from home – whether in a home office or at the kitchen table – comes with some threats that many of us have never considered. It’s important to address these to keep you and your company safe. Below, we’ve identified the major threats out there and some strategies you can use to protect yourself.
Some Cybersecurity Stats to Consider When Working From Home
Top Threats Facing Your Home Office in 2020
To understand why the security measures we’re going to suggest you implement are necessary, it’s essential to understand what threats you face while working from home.
In general, these dangers are avoidable, but assessing the risk is vital to any mitigation strategy, so here are the things you need to watch out for and defend against:
Almost all of our valuable information – personal, financial, legal, etc. – is stored in various digital formats. Because it’s valuable, it’s only natural that there are people out there looking to steal it. Cybercriminals need to “hack” into whatever system has the information they want, which is tech-speak for gaining access to something they don’t have permission to access.
As a result, preventing data theft and hacking means ensuring that all the systems you use to store valuable information are adequately protected. And when you’re working from home, this is especially important because one misstep could provide hackers with access to information that would compromise not only your company but also your customers, which can have devastating effects.
One thing to point out is that hackers no longer only target large companies. Yes, big corporations have more data, but they also have more resources to protect it, so they are tougher to hack. As a result, hackers are increasingly targeting smaller companies because while they have less data, it’s easier to access.
All this means for you working from home is that you need to be vigilant no matter what type of company employs you. The risk is always there and you need to make sure you’re properly protected against them.
Identity theft has been a risk we’ve faced for a long time, and well before our lives become so digital. However, with more of our lives online than ever before, it’s become easier for someone to assume our identities and act on our behalf, potentially wrecking our personal and financial lives in the process.
However, when you begin working from home more often, identity theft’s potential consequences become even more severe. Allowing someone to gain access to your personal information could lead them right into company systems, which could lead to more data/identity theft and put your company’s survival in jeopardy.
As a result, while this is always a concern when working from home, you must take all possible precautions to keep your identity safe.
Viruses, Malware, Ransomware
Another major cybersecurity threat to consider are the many different types of malicious software out there. These programs “infect” your computer and either hold it hostage until you turn over money or information (ransomware), record or track your movements (spyware), or just straight-up steal your data (virus and other malware.)
Unfortunately, the ubiquity of malware and other types of destructive programs means they have become a fact of life. While installing malware on your personal computer won’t always result in a catastrophe, doing so on a computer you use for work is much more likely to do so. Therefore, it’s essential that you learn as much as possible about detecting malware so that you can spot it and prevent it from ever reaching your hard drive.
One threat that is becoming more and more real every day is that posed by cyberbullying. Essentially, it’s the same as the bullying we all know and recognize, but it occurs in a digital setting.
Many think this threat is reserved just for children, but many adults have either experienced or witnessed cyberbullying when online.
Working from home requires you to interact in far more digital spaces than perhaps you’re used to. Inappropriate or offensive comments can lead to much more dramatic consequences since many workplaces have little to zero tolerance for things such as cyberbullying.
Protecting yourself from both engaging in and falling victim to cyberbullying requires you to understand what it is and also implement some commonsense tactics to ensure that the online environments in which you operate are entirely safe and secure.
When we think about protecting our home offices, the first thing we tend to think of is protecting it from the many online threats out there. However, in doing this, we must not forget to pay attention to our offices’ physical security. Losing your computer, phone, or whatever device you use in your home office can have devastating effects for both you and your company.
In most cases, preventing against such a thing requires little more than making sure the office and your devices are properly locked up, but you may need to do more in some situations.
Tips for Maintaining a Secure Home Office
As you can see, there are many different threats out there that could turn your home office into a liability. However, we don’t want this to scare you, as there are things you can do. All we want is for you to see just how serious the threat is so that you can take action. Assuming you’ve done this, here are some ways you can keep your home office safe and secure.
Start By Learning Your Company’s Work From Home Policy
It’s important to remember that you don’t need to reinvent the wheel. If your company is having you work from home, they have likely thought through some of the potential dangers of such an arrangement and provided you with strategies you can implement that will help address your company’s specific security needs.
Things to look for in remote work policy (that you should ask about if they’re left out of the document) include:
- Guidelines about passwords and other login information
- Protocols for data sharing
- Rules and regulations regarding access to specific systems
- Authentication procedures
- Resources to help you be more secure
- Contact information for people who can help you should there be an issue
- Tips on what is acceptable communication and what is not (to prevent potential cyberbullying issues)
In the event your company doesn’t have such a policy, or you find that it inadequately addresses the issues at hand, then you should reach out to a supervisor or other colleague and initiate the conversation. It’s highly likely you are not the only person with concerns about cybersecurity and working from home. Plus, doing this could save your company a tremendous headache down the road. After all, the majority of cybersecurity issues companies face stem from employee mistakes.
Practice Good Password Habits
A good, strong password is your primary, and often most effective defense against the cybersecurity threats we’ve mentioned. However, many people don’t recognize this and don’t take the time to ensure their passwords can keep them as safe as possible.
The first thing you should do is make sure all your devices are password-protected, and that changes cannot be made to the system without administrative approval, meaning you need to enter your password to do so. This puts up a solid line of defense should anyone or anything (think malware) get into your computer and attempt to access data or make changes that could lead to a hack or something worse.
Also, make sure that all of your accounts are secured with good passwords. These days, this is a requirement in most cases, but it’s smart, especially when you’re working from home, to go the extra mile and make sure that your passwords are extra strong.
For those who don’t know, a strong password includes:
- Difficult to guess letter and number combinations. This means not using birthdays, addresses, names, etc. It also means not using things such as “123456” or something similar.
- Numbers and symbols. Throw in an @ sign instead of an “O” or an exclamation point instead of an “I.” These simple tricks make your password infinitely more difficult to guess, helping to keep your accounts and devices secure.
- At least eight characters so that, once again, it’s difficult for someone else to guess.
Other things to keep in mind include making sure you change your passwords once every six months or so to prevent anyone who might get hold of them from accessing the accounts they’re meant to protect. Also, make sure you NEVER share your password with anyone.
One thing you can do is to use auto-generated passwords. These are usually long and impossible to guess, making them the most secure. However, you won’t be able to remember these on your own, so if you go this route, make sure to use a password manager such as Last Pass that will save and encrypt your passwords.
Build the Habit of Locking Computers
If you have ever worked in an office, you are likely used to the habit of locking your computer using “CTL + ALT + Delete” when you’re away from your desk. We recommend you continue this habit even when you’re working from home. This way, when you step away from your computer, the various files and databases you have open remain protected. For some, this might seem like an unnecessary step, but it’s important to get into the mindset of constant vigilance, which is what will ultimately keep you and your office safe.
Establish Good Physical Security
We mentioned earlier how you mustn’t allow your focus on protecting against cybersecurity threats blind you to the other risks, such as a break-in.
However, protecting against this is pretty simple. Just make sure that you secure your devices in a room with locks or a drawer that you can lock when you’re not using them. For those who have extra sensitive information on their computers/phones, it might not be the worst idea to set up an alarm system that allows you to further protect the space you use as your home office.
You could even expand this security system to include your entire house, giving you further peace of mind.
Implement Two-Factor Authentication
One straightforward way of protecting your home office is to enable two-factor authentication wherever possible. This service is becoming more and more available, and it’s so simple that it would be a crime not to use it, especially when you are working from home and need to protect the sensitive information related to your job.
For those who don’t know, two-factor authentication is a security protocol that simply asks for two forms of identity validation before providing you access to a system. For example, it might first ask you for a password and then an answer to a security question.
Alternatively, another form that is becoming increasingly popular relies on you linking your account to a phone number and then entering a code sent to that number after typing your password, which helps ensure that it’s you trying to access the account in question.
This is a simple and easy to set up security protocol that will go a long way towards ensuring your accounts, and by extension, your home office, are as secure as they can be.
Practice Spotting Phishing
Phishing is the tactic hackers use to try and get you to willingly hand over information related to your accounts so that they can gain access to a database they deem valuable. It’s one of the most common forms of cybercrime and is surprisingly effective.
Typically, phishing attempts look shockingly similar to official correspondence from a service you use, but there will almost always be something wrong. To check if something is real or not, do the following:
Once you get the hang of this, it becomes relatively easy to figure out when someone is trying to steal your information. But for those struggling to figure out what’s real and what’s not, then consider practicing with this free tool provided by Google. Familiarizing yourself with the patterns that appear in phishing will help keep you and your company safe from most attacks.
Install Anti-Virus Software
Although far from perfect, anti-virus software is a very good line of defense against the threats that are out there and is a “must-have” for anyone working from home. Not only do these programs help you remove malicious software, should it make it onto your computer, but they also do real-time checks to alert you of potentially dangerous sites and links before you click them. They also put a step between downloading and installing programs downloaded from the internet, giving you the chance to review what you’re doing.
In most cases, your company should provide you with some anti-virus software, but in the event they don’t, then you should reach out to someone and find out how to get access, or, in a worst-case scenario, purchase a subscription for yourself.
Protect Your WiFi Network
Relying on your home WiFi network for work means you need to make sure it’s properly secured and protected, which you can do by following these steps:
Download a VPN
A virtual private network (VPN) is a tool that allows you to encrypt your WiFi network so that it appears you are browsing from somewhere other than where you actually are. This helps keep your online activity and identity private, adding another layer of security in the meantime.
Many companies will require you to use a VPN if you are going to work from home, especially the larger ones, but if you work for a smaller company, you may need to get this service on your own, which you should.
However, one thing to note is that a VPN will slow down your network connection, so make sure you have the performance you need before installing a VPN, as this will help prevent some headaches.
Encrypt Your Data
One thing you can do to ensure your home office is extra secure is to encrypt the data on your devices. All this means is that this information will be inaccessible to everyone except those who have the key, which would presumably be limited to yourself and a few others.
For many, such a step might be overkill, but if you have lots of sensitive data on your devices, it’s necessary. However, if you want to go this route, speak to a cybersecurity expert at your company as setting this up can be complicated, and you want to make sure you’re not making things harder for yourself down the road.
Regularly Perform Backups
This should be a part of your cybersecurity practices anyway, but ensuring you’ve backed up the information you’ve stored on your devices is essential. This way, if your computer does get compromised by a virus or some other form of malware, you can wipe it clean and not worry about losing everything. You can manually backup your data by setting a reminder to do so once a week or month, or you can use a cloud-based system that will automatically do this. Which one you choose depends on your needs, but the bottom line is that backing up your data is essential to keeping your home office safe and secure.
Whether you’re new to working from home due to the pandemic or been doing it for a while, you’re likely familiar with the upsides of the arrangement. However, as with everything in life, the good comes with the bad, but don’t let this discourage you. Instead, be aware of the risks and take the necessary steps to secure your home office. Don’t ever let up; in the end, constant vigilance is the only thing that will keep you safe forever.