April 2, 2020

10 top tips for working from home safely

One of the main measures taken to prevent the spread of Covid-19 is physical distancing. Fortunately, in our increasingly connected world, we are able to continue working in a home office environment.   Luxembourg, France, Belgium and Germany have also lifted home-working restrictions on cross-border workers. However, when your computer is connected to your company’s servers from your home, you do need to look after your cyber-health.

What threats from working from home pose?

Before looking at our tips, let’s take a look at some of the online threats which exist for those who are working from home and what they need to be aware of: re:

  • Unsecured Wi-Fi networks
    Most domestic networks are properly secured nowadays,   but this might not be the case for some earlier systems. . The risk with an unsecured connection is that people nearby could hack-in on your activities and information. .
  • Covid-19 phishing attacks
    We have seen an increase in the number of attempted frauds through phishing since the crisis began. Attackers tend to exploit recipients and focus on their general feeling of uncertainty and send misleading emails with a sense of urgency or implying serious consequences. These emails have three objectives, namely collecting essential data, holding you to ransom, or intrusion into your systems to take advantage later.
  • Use of personal devices and networks
    Many workers have to use their own computers to work from home due to the lack of any other equipment. However, their computers may not be equipped with the same level of security as other corporate devices, for example; powerful antivirus programs, custom firewalls and automatic online backup tools.

Fortunately, with our advice, you will be able to defend yourself with a large number of these threats and continue to work in complete peace of mind.

If you think your business won’t be affected, think again!

According to a recent survey, 42% of small and medium-sized businesses in Luxembourg said they had fallen victim to a cyber-attack in the last three years. Prevention is the first line of defence against cyber-attacks.

However, what does a business cyber-attack mean?

1. Use strong passwords

It is more important than ever to ensure that all of your user accounts are protected by strong passwords.

Do not use the same password for more than one account. If such a password is compromised, the other accounts that use it will become vulnerable.

Create a unique password for every user account, and make full use of your keyboard – uppercase and lowercase letters, numbers and special characters.

2. Configure two-factor authentication

A strong password will not be enough if your identity details are stolen. Two-factor authentication (2FA) and two-step verification (2SV) add an extra layer of protection to your accounts.

The second step can take the form of confirmation by email or text message, or a biometric method (facial recognition or fingerprint scan), or through some physical item, such as a USB dongle.

3. Use a VPN

A virtual private network (VPN) encrypts all your internet traffic, making it unreadable to anyone who intercepts it. A VPN shields you from all spying   eyes, including those of your internet services provider (ISP), government agencies, and hackers.

Note that using a VPN can slow down your internet connection. If you need to perform tasks that require large bandwidth, or to make video-conferencing calls, we recommend using a paid VPN service. It will be faster and more reliable.

4. Set up a firewall

Firewalls act as a first line of defence to prevent unauthorised access to your system. They create a barrier between your device and the internet by closing the communication ports.

Your computer’s operating system will certainly have a built-in firewall. In addition, hardware firewalls are built into most routers. You just have to make sure yours are switched on!

5. Use antivirus software

Although a firewall can help, some sophisticated attacks are able to by-pass them. A good antivirus package will then serve as a second line of defence by detecting and blocking known malware.

Then, if malware does find a way onto your computer, antivirus software will be able to detect it and, in some cases, remove it.

6. Secure your home router

Do you remember whether you changed your router’s password when you first set it up?

Changing the router’s password is a good first step, but you can also take further steps to improve security:

·       Set the encryption to WPA2 or WPA3

·       Limit data traffic flowing in and out

·       Use the highest encryption level available

·       Disable WPS

7. Install software upgrades regularly

Upgrades to your computer’s operating system, web browser and all your other software and applications are important. They often include fixes for security defects discovered since the last upgrade.

To avoid having to wait for long downloads for such installations, you can schedule upgrades to run automatically, typically overnight.

8. Back up your data

There are many ways to lose data – human error, accidentally, hardware failure, cyber-attack to name a few. Note the variety of possible ways this can happen 😉

Protecting your data is obviously therefore a fairly basic step. Hardware backups onto DVD or a separate hard drive are always an option, but more practical alternatives exist. Cloud services offer many backup and storage options.

9. Beware of remote desktop connections

Many employers allow their employees to access their corporate networks using remote connections to the desktop (RDP, or remote desktop protocol).

While such access can be made secure, a Check Point 2019 survey showed security issues with some of the most popular RDPs for Linux and Windows.

10. Recognise phishing emails and websites

Phishing emails, and voice mails (vishing) and text messages (smishing) are used by cyber-criminals to procure sensitive information (logins, bank details, etc.).

One clue to phishing emails is spelling and grammar mistakes in the sender’s email name, the subject line and the email body.

Hover the mouse over hyperlinks to see the URL of the destination page, and only click if you have complete trust in the sender.

The Covid-19 crisis is inducing us to try out remote working/working from home, and for a few weeks, it will become the normal state of affairs for many of us. Keep these few tips in mind to protect your networks and data in these unusual times.

Share this article: