What does cybersecurity for your home mean? It’s a blurred line at best. In the world of remote work, employees understand the benefits — and challenges — of creating a home office. Of course, the most formidable obstacle revolves around securing one’s devices and networks. If you’re self-employed, there’s no IT team to call on for help, and even as a company employee, there’s only so much you can ask digital experts to do for you. At some point, the cybersecurity responsibility falls on your shoulders.
Cybersecurity focuses on everything that’s a threat to your digital network (i.e., your installed technologies, processes, applications, and controls). The challenge is to design a sound framework to protect all of that. This is not something that you can think about tomorrow. Indeed, there’s no time to waste. The cyber-threat is growing, and it’s not going away anytime soon.
What are the cybersecurity threats I can expect to see?
Hackers are dialing into the fact that workloads are shifting from office buildings to the home. While they previously targeted the companies directly at their headquarters or branches, now they’re going for new weak spots. The latter is the homebound employee functioning with significantly less protection. It seems that your due diligence in protecting the data (and all that goes with it) under your care is now a vital concern, and there are three threats you have to worry about:
Ransomware is part and parcel of something known as malware. What happens is that after you let it in, ransomware contaminates your records with indecipherable code. You generally usher it through to your files by opening an email. Then in quick order, you get contacted by the perpetrators to pay a ransom if you want the encryption unlocked. Calling in the police is next to useless. These criminals live in other countries, in remote locations.
Viruses are an extension of ransomware, and only one of a never-ending list of worms and digital obstructions that range from mildly annoying to virtually crippling. The only entry points into your system are ones you open up yourself, either through ignorance or carelessness. The more you know, the more equipped you’ll be to counteract them.
You’ll immediately recognize a phishing scam by the message format the cyber-criminals deploy. They’re after usernames, passwords, social security numbers, bank and credit card details — personal, sensitive information. These wily operators pose as the representatives of the entities you deal with all of the time: the IRS, your insurance broker, bank, stock advisor, and so on. The emails look official with carefully crafted language and prominent, genuine-looking logos. You may even get an instruction from the CEO telling you to divulge X or Y to the email address in his message. But, of course, once you respond to these lures, you’ve let in the cyber-thieves and you’re in deep trouble.
So, what can I do about it?
Here’s a list of what you can do to help secure your remote working environment, courtesy of the Forbes Technology Council, together with some of my own suggestions.
If you’re an employee, badger your employers to the nth degree
Yes, it might sound crazy, but I mean it. The squeaky wheel gets the oil. With numerous employees moving to remote work, the company IT team has its hands full. Everyone is crying out for digital communication assistance. Dive in, make yourself heard. Get your home office functioning with cybersecurity in place.
For example, make sure your company’s VPN is a pre-installed option for anyone working from home. Insist on it, and fight to make it happen. Then, make it your business to understand what’s in the mix and any gaps that still exist. Don’t just accept that your network is watertight. It’s probably not.
Not an employee, just at home with your own business?
Clearly, you face a more complicated route than the above suggestion. You have to do it all yourself. Most of the following Forbes pointers assume no company assistance — a good starting point for any category of digital users, no matter what your situation is:
- Ensure that two things are up to date: firmware and firewalls. What’s firmware? According to the dictionary, it’s “permanent software programmed into a read-only memory.” What’s a firewall? In short, it’s a network security device designed to keep track of and check incoming and outgoing digital traffic, only allowing passage to legitimate data and blocking suspect information. To a greater or lesser extent, networks generally come with both firmware and firewalls. A great starting point is establishing that your Wi-Fi password is impenetrable.
- Ensure your home Wi-Fi is locked down by logging in to your home Wi-Fi router and switching on the WPA2 security that connects to your standard and guest networks. You may find that older devices don’t align with this move, in which case try WPA or WPA/WPA2. Get a tech savvy friend to help if you’re puzzled.
- Back up your files regularly to offset calamitous social engineering attacks. Ransomware thieves can’t neutralize virtual storage of information even though they attack the device you’re using.
Protect your devices with your life!
Okay, maybe your device protection plan doesn’t need to be that extreme, but you get the picture. Don’t leave your laptop or mobile device in a car as a temptation for thieves. Hackers use Bluetooth scanners to make smash-and-grab excursions easier, detecting devices hidden in the trunk or beneath the seat, so there’s no good place to hide a device in a car.
Exercise extreme email caution
As mentioned above, emails are hackers’ favorite entry points. Consequently, treat emails with caution at all times. If the sender’s identity is not instantly recognizable, stop, think, and verify who is contacting you. If necessary, Google the URL or ask one of your peers to research it for you. If it truly looks suspicious, don’t even open it. I can’t stress this enough. If you work for a company, don’t hesitate to forward the email to your IT team for confirmation.
Get multi-factor authentication
I suggest that the surest route to cyber-protection is by installing a multi-factor authentication process: You know you have it when users must provide two or more evidential pieces to verify their identity. It’s a prerequisite before they can walk through your digital network door.
Change passwords regularly
Everything I’ve mentioned here boils down to maintaining good password habits. Change them regularly and make them unique. Inept password habits create an opening for hackers, and they’ll stroll right in, if given half a chance. Use your imagination to think of outlandish words or codes and alter them every few weeks. Then, keep a record of them manually. However, if forgotten, your system generally prompts you with a “Forgot Password?” message that resolves the issue. It’s a hassle, I know, but a necessary one.
Never, ever use public Wi-Fi
These networks are unprotected public gateways for hackers to invade your privacy. It’s far too risky — public Wi-Fi invites cyber-criminals who use man-in-the-middle attacks and malicious hotspots as weapons to tear through your virtual defenses like a knife through butter.
If you’re an employee, stay vigilant
Remain part of the corporate solution, not the problem. If you notice anything unusual coming through the network, let IT know. Team collaboration keeps cybersecurity on the right track. In addition, you and your teammates should know your responsibilities to uphold organizational security policies.
Finally, three more things to keep in mind:
- Implement regular scans on a periodic schedule to kick phishing expeditions to the curb.
- Bury your sensitive data safely in files, and don’t leave paperwork lying around. Encrypt it wherever possible.
- Be cautious about downloading apps. Make sure they’re originating from reputable companies.
Cybersecurity is everybody’s responsibility. Whether you’re working from home, or operate a small business out of your home office, it’s vitally important to make sure your data and networks are secure.