Roughly 12.7% of people are working from home full-time, with an additional 28% working part-time. This is so convenient for both the employees and the employers. There’s more work and more candidates, and all the expenses are lower.
However, one thing that is higher (unfortunately) is the exposure to cybersecurity risks. You have so many employees working on devices that are not necessarily secure. Their networks may not be secure either, not to mention their password policies and communication habits.
Remote workers have a responsibility to take care of that, but not all of them are as responsible. With that in mind, here are the top five cyber-security precautions you need to take when working from home.
Take care of your devices
The most important thing about working from home is the fact that you’re working on your own device. This means that if your devices are inadequate, your work will suffer.
This goes for both your hardware and your software. Just imagine if you have a keyboard with one bad key. It’s a bit stuck, or maybe you just have to hit it a bit harder (or twice every time). It’s an annoying idea, but it’s not really a massive problem, right? Well, it depends. Are you on your keyboard for an entire day? What if you write 3000-5000 words per day? In that scenario, it’s a huge problem.
Still, taking care of your devices is about more than just convenience (or even productivity).
First of all, you need to take care of the cybersecurity aspect. You should start by getting yourself an antivirus/antimalware software. Scan the device and keep it running in the background. While any antivirus is better than no antivirus, it’s usually advised to go with something renowned and credible. We’re talking about platforms from industry leaders like TotalAV, not free tools from unknown brands.
Next, you need to understand the importance of keeping all your platforms up to date. This is the only way they provide the protection and functionality you expect – always perform recommended updates on your device’s operating system.
Take care of your network
Next, when working from home, your network and devices are your own responsibility. When working from home, make sure that your network is locked behind a safe password and that only a select few have access to it.
The same goes for your device and your browser. Sure, you may have complete trust in your employee and your partner, but this is your choice, not your employer’s. Log out of all the platforms when you’re not using the device and disable auto-login. Also, be extra careful who you let use your devices.
When it comes to devices that you can carry around, like a laptop, a tablet, or your phone, be extra careful of the networks you use when conducting business. Unknown hotspots, unlocked networks, and public WiFi are especially suspicious. It doesn’t mean that anything bad is going to happen; most likely, it won’t, but there’s a high risk. You shouldn’t take the fact that nothing bad has happened (so far) as evidence that this type of behavior is completely risk-free.
The biggest problem with this type of risky behavior is that a lot of people don’t know that it’s risky to begin with. The first step is, therefore, raising awareness.
Create separate passwords for work and private info
Ideally, you would always have strong, random, and unique passwords, but if that’s not the case, you should prioritize your employer’s platforms. After all, if you’re not concerned about your own brand or correspondence, that’s reckless, but it’s also your right. However, it would be quite unfair to use your pet’s name as a password that you use to log into your account on the company project management platform.
Just think about it: you probably already have restricted access, and for a good reason. Bringing in more people to the project is always a security liability. Don’t make matters worse.
So, how do you come up with a strong password?
First, you need something unique. This means something that you’re not using for your Facebook, Steam, or Netflix. The password needs to be new. It also has to be random. It can’t be something that a hacker can figure out by just going through a few highlight stories on your Instagram. This means no favorite book character, no pet names, and nothing of that sort.
Ideally, you should start using a password manager. This will make everything easier.
Only communicate through official channels
Now, we don’t want to get into politics too much, but a few years back, a huge official had a massive problem because they disregarded a proper protocol when it came to email correspondence.
In fact, navigating the landscape of advanced email security threats is a whole branch of cybersecurity that deserves a post of its own. For the time being, it’s enough that you acknowledge the danger of email-based attacks and understand that, no matter how secure native email protections are, they have their limitations.
This is not the only reason you want to communicate only through official channels. There’s also the issue of doing things by the books. Now, just imagine what your bosses would think about you sharing documents that are company property via channels like Facebook Messenger or Instagram DMs.
Moreover, since everything needs to be on the books and on the record, some employers are taking screenshots of platforms like Slack, etc. They’re legally not allowed to do so with your private correspondences, and since the majority of people use social media for messaging, this is a bit of a problem. After all, not many people have a separate social media account for work.
Be suspicious
Being suspicious is always safer. Is the person on the other end of the conversation really who they say they are? This is also one of the reasons why you need to keep communication through official channels.
As long as someone’s on Slack, it’s clear that they’re part of the team (someone had to invite them there). However, anyone can put anything in their profile on Facebook, Skype, or Viber, and when they contact you, just because they say (and their profile says) that they’re from your company, it doesn’t really mean they are.
You should also always hover over the links before you click on them. Be mindful of the phishing, even if it comes from a credible source. How can phishing come from a credible source, you must ask? Well, it is simple – people sometimes copy/paste links without ever opening them. It takes just a second to hover over it and read the URL, so why not do it?
Ultimately, be careful what you click on and what you download. Sure, your antivirus (and even your OS protection) will warn you when you’re about to do something risky. However, a bit of your own caution goes a long way.
Keeping your employer’s IP safe is your duty and your responsibility
Even if you’re not signing an NDA, even if you’re not afraid that you’ll get fired, keeping the files and tools entrusted to you safe is your responsibility. This is incredibly important, and it’s definitely not something that you should ignore. In 2024, everyone knows that using public WiFi is unsafe, and everyone knows how to create a strong password. So, there’s no excuse.