The current Coronavirus pandemic means the majority of the UK, and the world, could be entering a prolonged period of social distancing. For those able to do so that means working from home. But what about the cyber security impact of working from home? Is it intrinsically less safe?
The world is highly connected, and thankfully technology makes it much easier to transition to the "home office". However, our homes are often a much more relaxed place. We feel safe in our homes which can lead to complacency and a drop in cyber security standards.
As experts in cyber security, here’s our advice about the most important things you can do to make working from home as secure as possible.
Secure your home Wi-Fi
Routers are targets for hacking, but there are some simple steps you can take to secure yours. Make sure your network is using WPA2 or WPA3 for wireless encryption. If it is using WEP or WPA the network is open to hacking. To check this you need to log in to your router. This is usually done via your browser and isn’t as technical as it sounds. Check your router’s manual or ISP help pages for how to log in to your particular type of router.
If WPA2 or WPA3 are not available you must upgrade your Wi-Fi router as soon as possible. Your internet service provider (ISP) may provide an updated version at no cost. Any router provided in the last two years should be using WPA2 or WPA3 encryption by default.
Really you need a separate network for your work and personal devices as things like TVs and internet-enabled thermostats can be less secure and more prone to hacking.
To do this you will need two routers. It can be complex to configure such a set-up securely. The simpler alternative is to use a VPN.
Set-up a VPN
A VPN is a "Virtual Private Network". This effectively creates a secure encrypted tunnel between your device, be that a phone, a tablet, a computer or laptop, and the internet. It can prevent anything on your home network from being able to intercept or read communications from your work device. Your employer may provide a VPN to securely connect to the office network. But for smaller businesses and individuals, setting up a VPN can seem complex or difficult.
To simplify this, Servertastic has partnered with NordVPN. With the installation of a simple program on your phone, tablet and/or computer you can enable a VPN connection with a simple click. There is a small cost which we have currently discounted by 70%. If you pay for three years in advance it works out at less than £3.00 per month for one person and you can add it to up to six devices. Click here for more information. You can also contact us if you have a VPN query.
Tidy desk policy
I am going to confess my desk is often not the tidiest. However, working from home significantly increases the risk of leaving confidential or sensitive materials on your desk.
We all still have to comply with GDPR legislation. Handwritten notes may contain personal information of customers or suppliers. Letters you open and leave on your desk could be used to build a profile of you and create an opportunity to steal your data.. Information could be easily misplaced or accidentally lost. Consider having a lockable drawer or filing cabinet to keep paper records secure and shred your paperwork as soon as it is not needed.
Consider using apps like ScanBot, HubDoc and ReceiptBank to quickly scan paperwork and then immediately dispose of it.
If you’re working from home you may want to position yourself somewhere with a nice view. Or you might simply just cram yourself into a corner where you can fit. Make sure it is not possible to see your device screen from outside or from perhaps a neighbour’s upstairs window. You might think the chances of your neighbours spying on you are remote, but it’s better to remove the risk than suffer as a result of it later.
Keep work and personal devices separate
Keep your work device – tablet , laptop or computer – as solely your work device. Do not share it with other family members. It may be tempting to let one of the younger ones play online games, but they can easily introduce vulnerabilities without realising. You don’t want to admit to your boss that you can no longer work from home because your laptop got a virus from Roblox. Or worse, have your IT team point that out once they’ve fixed it.
Enable your auto lock screen
Make sure you set your screen to auto-lock. This should be as short as you find you can practically manage but never any longer than five minutes. This means if you accidentally wander away from your desk and leave your laptop open it will lock the screen after a period of inactivity. Get into the habit of manually locking your screen when you walk away too. This is just as pertinent in the office as at home. The auto-lock is just a back-up for this habit.
To save ending up with a bulging inbox you are likely to want to chat with other members of the team or customers/suppliers via messaging platforms. Consider using end-to-end encrypted messaging services such as Telegram, WhatsApp, Signal, Slack, or Microsoft Teams.
Facebook Messenger is NOT encrypted by default and could leave your messages open to being read.
Better still, use the phone or video call. You can do this through Zoom, Skype, Teams or WhatsApp. It’s a bit of social contact as well as a way to get work done. We all still need to stay in touch, but ensuring our communications are secure is still important.
If you have any queries about working from home securely, speak to us today and find out how we can help.