With most people working from home for the duration of the pandemic, the security and privacy of your firm’s data and information is of the utmost concern. Employees who may never have worked outside the office, are not only using firm computers, laptops and tablets, but also personal home devices.
Most firms have a work from home policy drafted which outlines the requirements when working from home. With the recent turn of events, a large number or companies have had to scramble to get all of their employees working from home. The following is a list of security tips to protect your IT systems when working from home.
Computers should not be running on Windows 7. It is not valid any more and does not receive any security updates. It is important to use a Windows 8 or 10 device which can receive Windows updates.
Windows updates should be run regularly. This will also update any Microsoft software that is installed on the device. To run an update type Check for Updates in the search bar on your computer. When you open the app, click on Check for updates and download and install all updates. From here you can also set a schedule for the updates to run automatically at a time when you are not working. Your firm may control the updates on firm devices.
Windows 8 and 10 devices require a login password. Make sure this is a strong password. Choose a random word followed by a number or symbol and another random word. If you are using a personal computer that you share within your household, each user should have their own login so they do not have access to any firm related data that is on the computer.
Ensure your device is locked or logged out if being left for any amount of time unattended.
Most if not all internet providers require your router and wifi to have a password. If you are able to change this, make sure it is a strong password that someone would not be able to guess. For added security hide your SSID (Wifi identity) so others will not be able to see it as an available network.
Devices from your firm should already have anti-virus software installed. Users working from home should make sure their home computer also has anti-virus software. There are a large number of companies who offer a virtual purchase and download for personal devices. Using Windows defender as the only protection is not recommended.
Users should be connecting to the office with a VPN or through a secure cloud environment such as Citrix which passes through a firewall. This will provide users with the same look and feel of being in the office while maintaining security.
When connecting to the office, users should be required to use dual factor authentication as an added layer of security. This could be a push notification to your phone or a random access code fob or email provided by software installed in your environment.
When transporting information to/from the office i.e. files to be worked on offline, information should be stored or sent using encryption. Information sent using email should be sent by secure email especially when being sent to a personal email address. Files being transported home should be encrypted on USB devices. Many already come with encryption software. Adding a password to a file before saving it to the USB is safer than just saving it without any encryption. Transferring files using an encrypted file share is one of the best options.
Users should be vigilant when replying to and opening links in emails. Even if this looks like it comes from someone you deal with on a daily basis, take a look at the email address that it is coming from and if anything looks off or contains an attachment you were not expecting – delete the message. Cyber criminals have been using the Corona virus to lure unsuspecting users though phishing scams in emails.
Refrain from surfing the internet and social media on company devices or while connected to the firm’s network. Treat your device just as you would if you were in the office. If it’s not allowed in the office don’t do it while working from home.
Tammy Malone is a Client Support Specialist at Triella. We are a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium-sized firms. Tammy can be reached at 647.426.1004. For additional articles, go to our blog page. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.
© 2020 by Triella Corp. All rights reserved. Reproduction with credit is permitted.