One of the biggest challenges organizations face is shifting to work from home. In September 2020, roughly 60% of American workers were working from home. Security risks increase as companies shift to remote work. With organizations moving to remote work and preparing for such an environment, attackers are taking an increased interest in searching for security vulnerabilities to exploit and compromise. This article discusses 6 cybersecurity best practices for remote workers that organizations should take into consideration in order for employees to work securely at home.
Table of Contents:
When you work from home, typically you will need to connect to a VPN before you can access your organization’s network. Your organization should already have a VPN in use for when employees go away on a business trip and need to access the company’s network. Remember, a VPN establishes a secure and encrypted connection between your device and the organization’s network.
Many VPNs use a username and password, however, organizations should consider using smart cards with a one-time password to log into a VPN. Understand that it doesn’t matter how strong your VPN is, hackers can gain access to the organization’s network if the employee’s password is easy to guess or brute forced. For this reason, a password policy should be implemented where employees have to change their password regularly.
Emails are one of the most essential forms of communication amongst colleagues making it an easy target for hackers to exploit.
Be alert. With most email phishing scams, employees will receive an email that seems to be from your organization with content that looks legitimate. But it’s not. The contents of the email may ask the user to click on a link to fill out a form or to download an attachment. If either action is performed, a malware could be installed onto your device without you knowing. Therefore, it is extremely important that employees are educated and undergo training on how to look out for phishing emails. Employees should not click on any links or download any files from emails they find suspicious.
Email security is equally important. To protect a remote employee’s email accounts, organizations should make sure that emails can only be accessed via the organization’s VPN. Ensure that remote employees' systems encrypt data at rest because this will protect the email data if the system gets stolen or lost.
Make sure that your organization has invested in antivirus software. An antivirus software will run in the background and scan for any known threats on the host device such as trojans, worms, malware, viruses, spyware, and zero-day attacks.
Working from home means that employees will be partaking in many video calls which require the use of their webcams. Unfortunately, hackers have figured out ways to access your webcam without you knowing, therefore compromising your privacy. They are able to view all data on your system just by hacking into your webcam.
Most laptops have a webcam built into their system so, in order to protect yourself, you should get a sliding cover or tape over the webcam. If your laptop doesn’t have a built-in webcam and you use a webcam that is separate from your device, then unplug it when it's not in use.
This is one of the most important cybersecurity best practices for remote workers which is to ensure that your home Wi-Fi is secure.
You should perform the following to ensure that your home Wi-Fi is secure:
Zoom has been a popular video conferencing software especially during the pandemic, and as a result, may have a number of security risks.
For example, back at the peak of Covid (March 2020), there were Zoom attacks called “Zoom-bombing” attacks where uninvited guests get access into other people’s calls. Although this attack occurred on Zoom, it doesn’t mean that it can’t also happen on other video conferencing software as well.
The risks that organizations face is if hackers are able to join video calls then they can steal sensitive information about your organization, clients, and more. Consider the following tips while using a video conferencing software:
Organizations have had to switch over to remote work due to the pandemic which was a huge change. Before the pandemic, most of the IT team focused on protecting cybersecurity within the office. However, since the pandemic, the IT teams now need to shift their focus towards the cybersecurity threats themselves. It is vital that your organization invests in technology that can help protect your network. I cannot emphasize enough how important it is that you train your employees to learn and adopt the best cybersecurity practices for working remotely.
This article only talked about six cybersecurity best practices for remote workers, but there are many more. There is always more you and your organization can do to ensure the security of remote work.