Working from home (WFH) has become the new normal, and it happened almost overnight thanks to the unprecedented speed with which the coronavirus pandemic arrived. While you’re staying safely at home and revelling in the opportunity to work in your PJs or to sit on the deck with your laptop, you should take the time to make sure your infrastructure is protected from hackers and is as watertight as possible.
Digital Journal caught up with Mat Newfield, Unisys Chief Information Officer to learn about a six-point security checklist that people can follow to secure themselves while working from home.
Item #1: Pay Careful Attention
Be diligent in everything you do. In the past, only around 15% of people worked from home, so IT teams could tailor security systems to protect corporate information.
With companies now allowing up to 95 percent of their staff to work from home, it’s a lot more complex. You need to keep a close watch for anything out of the ordinary that could indicate someone has access to your system.
Read up on your company’s IT security policies and procedures, and report any problems and issues to your help desk as soon as you spot them.
Item #2: Update Your Passwords
Check all your passwords, from your cable box to your internet modem, and update them if you haven’t done so recently. This is especially important if you’re still using a default factory-issued password anywhere.
Keep your passwords private and store them securely using an encrypted password manager, and don’t leave it open on your computer when you’re not at home. The bad actors out there know how often people ignore this issue, and they target the weak infrastructure in people’s homes to try to get into the corporations they work for.
Item #3: Watch Out for Scams
Watch out for strange calls and emails asking for information. It might seem innocuous when someone calls from the IRS to “verify” a social security number they already have, but that doesn’t make them legit. By recording your voice on a call, for example, they may be able to use it to access your voice-activated smart TV. Once in your system, it’s not difficult to work their way into your Wi-Fi connection.
If you aren’t expecting a call, don’t engage with the caller until you can check it out. Ask for a number to call back and check it online before you do. Never open any unsolicited email attachment until you’ve confirmed with the person who sent it to you, because just one click or download can lead to a malware infection or loss of data, and impact your financial health.
Item #4: Verify All Hyperlinks
In the office, it’s easy to walk up the hallway and ask someone if they sent you that suspicious-looking email. That option is gone with WFH. Hover over every link before clicking it to see if it looks authentic, and scrutinize the email it came with to check for signs of phishing.
If you have any doubts at all then look at the domain in the URL and google it to verify it independently before you do anything further. Some adversaries create links that look very similar to the real thing, so be careful.
Item #5: Secure Your Equipment
If you’ve had some of your electronic equipment for a long time, search for the brand and model online to see if there are ways to harden and secure the devices. Don’t share the devices you use for working from home with other people, and download any software updates and patches that are available for your devices.
Get approval from your IT department before using any personal equipment or downloading any software, no matter how legitimate it appears to be. Keep an eye out for indications of malware, like pop-ups, unexpected porn, blue screens and sudden system slowdowns.
Item #6: Protect Video Meetings
When you’re holding meetings over platforms like Zoom or others, set up a new link for each meeting. Don’t reuse your personal link or a link you’ve used before, because that opens up access to people you’ve spoken to previously. In the event of your former meeting participants getting hacked, intruders could gain access to your meetings via old links in the hacked email accounts, and there are programs out there that can track down meeting IDs in no time.
Use layers of security such as passwords and meeting IDs so your conversation remains private. It’s also important to remember there’s no real privacy when you’re using any 3rd-party product, unless the company specifically paid for the product to be developed.
