Like many professionals around the world, our Crosspointe consultants have been working remotely due to COVID-19. For this post we have a guest blogger, Brian Okun from Braintrace, a New York cybersecurity firm. Brian has put together some tips on how to create a secure home office environment and shared it with the whole company. We hope these tips can help you stay secure during these difficult times.
Use a Virtual Private Network (VPN). A VPN swaps out the “pipe” through which your network information flows and creates a connection instead to your company’s private network “pipe”. This will allow you to access company data more securely. Contact your company’s IT provider for instructions on what VPN to use and how to set it up.
Be aware that not all VPN’s are alike. Some software manufacturers (e.g. Sage Software) do not recommend using VPNs for their applications and will not provide support or troubleshooting for their products if you do. Do not use streaming media sites while connected to the VPN. Your IT provider will thank you and so will the other VPN users.
Make Sure Your Home Router WiFi and Firewall passwords are Not still set on their Default. When you originally purchased or leased your router, you might have been given a default password. If you never got around to changing this, we strongly encourage you to do so. Also, disable access to your router’s admin portal from the Internet.
We also recommend that you enable WPA2 or WPA3 encryption for WiFi.
You can search your router/firewall manufacturer and model number for instructions on how to change the password and set up encryption on your WiFi SSID.
Furthermore, contact your internet provider and enable two-factor authentication (2FA), also known as multi-factor authentication (MFA). This will provide an extra layer of security if your password is ever breached. In fact, we recommend you set up 2FA on all accounts such as Email, Facebook, Google, and Financial portals.
Access and view information in private. These steps are especially essential if you are remotely working in a public space (e.g., a library) where many people are coming and going. In a crowded temporary office space, If you are viewing private information, be sure to lock the screen when you step away from your computer, avoid printing, remove all papers from your desk (when you are not present), and place your laptop in locked storage when not in use. You should follow these same recommendations at your permanent office.
Update your personal computer. If you are working out of your own home computer, make sure all security patches are up-to-date for your operating system, anti-virus, applications, and web browsers. Make sure the log in to your personal computer is at least 18 characters with different letters, capitalizations, numbers, and symbols all included.
Separate personal from work. Before you access company information, be sure to log out of social media platforms, personal email, and clear out your browser’s history. We advise this because many times, you can get distracted and you forget that you are in your email, or you are on some social media account. All of a sudden, you are broadcasting information that is unauthorized for the public.
Unplug all home listening devices. Unplug devices such as Google Home and Amazon Echo. This might be a strange thing to consider, but when it comes to protecting your organization’s data, you should never take chances. Also, you never know what applications can be using these home listening devices to listen to your conversations as well.
Encrypt your Startup Disk. Doing this will allow you to make sure that only people who are authorized will ever look at your data. If your laptop is stolen, the perpetrators will not be able to access any file unless they figure out the password. Make sure to store your encryption key in a safe location that is not on the hard drive you are encrypting; in case you need to use the key later to restore data on your computer.
The challenges that are presented by COVID-19 are many. We expect these tips will help by offering some sound security advice to allay some fears organizations may have in moving entire workforces to working remotely.
For additional information regarding remote access or other security suggestions, you can reach Brian Okun at www.braintrace.com or via 866.508.5471.
If you would like to discuss working from home or cybersecurity information more generally, you can reach Crosspointe at 877-357-0555 or at firstname.lastname@example.org.