- Using shadow IT solutions, unauthorised email accounts enhance the risk of cyber attacks
- VPNs provide an additional layer of security by encrypting all communications emerging or received on a PC
With millions of now accessing work data on home networks and personal devices, organisations are more vulnerable than ever before to cyber crimes. Humans and poor cyber practices are the weakest links, having often led to major cyber attacks.
Here are a few simple rules that one needs to keep in mind while accessing work information at home.
Avoid unauthorised software, hardware
Around 47% of security professionals involved in a global survey by Check Point Software, in April, found remote workers using shadow IT solutions while working from home. Shadow IT refers to hardware or software which are used by employees without the authorisation of the company’s IT department. Such devices are unlikely to have an enterprise level anti-virus or firewall, increasing risk of malware attack. Similarly, using unauthorised software to get things done faster can also heighten the risk.
Use office emails
Just like shadow IT solutions, un-authorised email accounts are also a strict no-no. They are not backed-up, archived and secured by the IT department or the company. Exchanging information on these email accounts can lead to company’s critical data being stored on mail servers over which a company has no control. Users need to install email clients on their phone and PCs and stick to them for all work communications. Also, unlike personal emails, work emails are less likely to be targeted with phishing emails.
Secure home networks
Since all online communication take place over the home WiFi network, it is safer to secure it. First thing to do is switch to a complex password involving a mix of characters as they are harder to crack. Users should use the more secure WPA 2 encryption standard as it uses AES (advanced encryption standard) and generates a new encryption key frequently to protect against breach attempts. Most routers come with in-built firewall and enabling it can protect against unauthorized access to wireless network.
Use VPN clients to access work data
Widely used to bypass geographic restrictions on streaming platforms and access location-specific content, VPN or virtual private networks provide an additional layer of security by encrypting all communications emerging or received on a PC, smartphone or even a router. Fully aware of this, IT departments in all likelihood would have installed a VPN client on the work PC or any other PC used for work. Users need to ensure the VPN client is enabled before connecting to company network.
Update security tools
For users working who rely strictly on work PCs for work, many updates can be triggered remotely or can be automated. In case a user has been using a personal PC or smartphone for work, it is important to regularly update operating systems, anti-virus, VPN and other apps they are using for work. These updates often carry security patches to address vulnerabilities in apps or OS that may have been reported. Applying patches can mitigate the risk of malware injection of any kind.