Companies generally protect their corporate computers and other devices using many different methods. They install security solutions, prohibit employees from installing applications, filter content and restricted web access. Now that many are working from home; home IT security is even more important to us all. We put together these IT security tips for working from home to help you keep you and your company data safe.
Some of you will be using corporate devices which have security solutions for remote working in place. Some of you will be using a personal or shared family PC in order to access your work email and your corporate data, likely without security solutions implemented. To use an old analogy: “a chain is only as strong as its weakest link.” You and your home PC are now potentially the weakest link in that chain.
Focus on IT security tips for working from home
Is your PC, tablet or laptop safe to use?
Use Antivirus Software
We would like to think that most of you will know this it security tip for working from home. As a bare minimum you need to have antivirus (AV) and/or anti-malware software installed on your PC. Most PC’s will come with AV software when you buy them, usually a 12-month subscription. If you haven’t renewed your subscription you will still have this software installed but it won’t be up to date. This leaves your machine vulnerable. Check to make sure it is up to date today and that the product you are using is legit. Some common products are Webroot, Malwarebytes, McAfee and Kaspersky.
Run Windows updates
Are you using an old version of Windows?
Windows 7 became end of life in January 2020. If you are using a Windows 7 PC it will no longer be getting updates. If you are using a PC that has Windows 7 installed it will be 5 years old or more and probably pretty awful to use. We recommend getting a new PC to up your security and productivity! You can get a decent PC for around £600 now. The minimum spec of PC we recommend for business use would be at least an i5 Processor, a minimum of 8GB RAM. A Solid State Drive (SSD) is a must! If you are using Windows 8 or above, make sure all patches are installed. Also make sure the applications you are using are all patched and up to date. If you are running Windows 10 then this is the latest version but it also requires updates.
Turn on 2FA
We all use email every day and it is the easiest way for a hacker to infiltrate your IT systems. If they have your email address and your password they will more than likely be able to access your corporate servers also. 2 Form factor authentication, even if you don’t currently know what this means you will more than likely already be using to access your online accounts. Two-factor authentication (also known as 2FA or two step verification) is a second layer of security to protect an account or system. Users must go through two layers of security before being granted access to an account or system. Setting this up is one of our top IT security tips for working from home as it can stop accounts from being hacked.
If you don’t currently have this enabled on your corporate email account, speak to your IT department to find out why this is not in place.
We have all had that odd email from a contact where the email was unexpected, contained a link to a website or an attachment you were not expecting and then later in that day an apology email from that person saying their email account had been hacked. Most of us will be using Office 365 for their email, enabling 2FA is very straight forward will cut the risk if your email account being compromised or hacked by 99%. If its not enabled on your email account then ask your IT department why not.
Setup a login for work purposes
If you are using your family PC for work, chances are you don’t need to log into it or you all just log in with the same account. If that’s the case setup a profile specifically for you that you will use while you are working. Many of you will have been working from home for months by now. Most of you will have also created a folder structure on your desktop or your my documents folder with work related stuff. If your household all using the same login account, someone could accidentally delete that important folder or file that you have spend days working on. Also get into the habit of locking your PC even if you get up to go to the loo and have a cup of coffee or lunch.
You probably don’t want your child to accidentally send your boss a smiley-laden text. Or your cat to walk across the keyboard and mail an unfinished message to an important client. If you’re about to go somewhere else, lock the screen. And it should go without saying that your computer needs password-protection.
Is your home network secure?
Update your Wi-Fi password
Many of you will be connecting to the internet using the Wi-Fi connection from your router. Although we wouldn’t like to admit to this; some of us will have a completely open Wi-Fi network at home. Why not? It’s a lot simpler to get your Sonos, your Xbox and all your other Wi-Fi enabled devices connected to the internet if you don’t need remember a password to get them connected.
However, protecting your computer won’t help if an attacker can connect to your Wi-Fi without your knowledge. Anyone who has access can intercept everything you send or enter online, including passwords for remote access to an office-based computer or corporate mail. Therefore, it is imperative to configure your network correctly.
Firstly make sure that the connection is encrypted. If your Wi-Fi asks anyone connecting to it for a password, the connection is encrypted. However, there are several Wi-Fi encryption standards, some of which are already outdated to choose from. Your best bet is WPA2. You can usually access and change the router settings using your web browser to check or change the type of encryption — and remember that your Wi-Fi password should be strong and if you are one of those people with an open Wi-Fi network – make it a priority to change this!
Change your router login information
If you have never changed the login and password required to enter your router settings, do it now. The default passwords for many models are not only too weak, but also known across the Internet and easy to search for. Attackers often simply write them into the code of malicious programs – if they work, your router is captured. The intruders can then spy on you, because everything that you send online passes through the router. The place to change the router username and password is in the settings.
Change your DNS settings
The Domain Name System (DNS) is the phonebook of the Internet. You access information online through domain names, like G5tech.com or google.co.uk. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load internet resources. By default your router will be configured to pick up its DNS settings from your internet provider. As your router is your gateway to the internet it controls your access to the outside world.
Your corporate internet connection will likely be using a DNS filtering service like Cisco Umbrella. DNS filtering services are used to help protect you and your devices from accessing websites that are known to contain malware. They also help block websites masquerading as websites like Office 365 in order to try and get your login details.
DNS filtering services can be configured to stop you accessing certain categories of websites, gambling, adult content etc.
Cisco Umbrella is a paid for service, but Cisco also offer a free version called OpenDNS that is mainly for the domestic marketplace. You can sign up for your free account at https://www.opendns.com/ once your account is created you can configure and control your internet traffic by blocking or allowing access to certain categories of websites, but more importantly it helps protect you and all of the devices that connect to your router from accessing those sites that are known to contain malware and phishing.
Use a VPN Connection
If you’re using an Internet connection you don’t own, such as Wi-Fi from a café downstairs or your neighbours network that they conveniently forgot to secure with a password, then take extra care. Public Wi-Fi networks are often not encrypted at all, and even if they are, anyone can get hold of the password.
To prevent others connected to this Wi-Fi network from spying on you, use a virtual private network. When you’re connected through a VPN, all of your data will be encrypted regardless of the network settings, and outsiders will not be able to read it. If you are accessing your corporate servers remotely you should be using a VPN, if your not then your remote servers could be open to the internet and open to being compromised.
PC backups
When you were working in the office you may have taken for granted that all your data is backed up. At the office if you accidently deleted something, IT would be able to restore this for you. Now that you are working from home you might have data stored on your hard drive that is important and would be an issue if you were unable to retrieve it. You need to ensure that your documents or your whole PC is now being backed up. Cloud based backups are very common place nowadays. Speak to your IT department and ensure that your documents and PC are being backed up.
Follow Company guidelines
Use corporate services for e-mail, messaging, and all other work
Your company most likely has a set of IT services that employees use, such as Microsoft Office 365, and corporate messenger services like MS Teams or Slack. Those tools are configured by your company’s IT, and IT are responsible for setting them up right so please use them while working from home, we all have access to Facebook Messenger, Google Drive and Whatsapp but please don’t use them for sending work related messages or documents. Stick to the communication methods given to you by your IT department. If you don’t have company guidelines in place already for IT then now is a good time to start. We can help you get them set up so give us a call on 01224 443896.
Stay vigilant!
Even with the best firewall and filtering services in place sometimes a malicious – and highly convincing – message can sneak into corporate mail. This is especially relevant today with us all being at home. Therefore, read messages carefully and don’t rush to respond to them. If someone urgently needs an important document or demands immediate payment of an invoice, double-check the someone is who they claim to be. Don’t be afraid to call the other party for clarification, or confirm the action one more time with your boss.
Be particularly suspicious of e-mails with links. If a link to a supposed document does not point to a corporate resource, better to ignore it. If everything looks fine, and the link opens a site that resembles, say, OneDrive, do not enter your credentials on it. Better to manually type in the OneDrive address in the browser.Then you can log in, and try to open the file again. The link could be a phishing site trying to collect your office 365 username and password.
At G5 Technologies we have been helping companies with their IT security solutions since 2004. We are ready to help you implement IT security for remote working. Give our friendly team a call if you are looking for any advice to help protect your company data or your employees.
If you’d like more tips then take a look here:
Working from Home tips from our engineers
