The massive shift to remote work in response to COVID-19 has seen productivity increases for many teams, but it’s also revealed a slew of security risks as people dial in on insecure networks or personal devices. This is because 95% of cybersecurity breaches are due to human error.
Whether you’re working from home temporarily because of the pandemic or are a permanent telecommuter, prevent a stranger from popping up in your next meeting — or worse, stealing sensitive company information — with these cybersecurity best practices.
1. Only use company-issued devices
Rather than outfitting your home computer with work programs or checking your email on your personal phone, use only company-provided technology during remote work if possible. While different employers have their own unique set of rules for cybersecurity, company devices are almost always better outfitted to combat security threats.
Using company-issued devices also prevents family members or houseguests from logging onto your computer and accessing sensitive information. Often, company security liability insurance only covers breaches if the incident happened on a work device.
2. Use a VPN to reduce hacking risks
If your company provides a virtual private network (VPN), make sure you sign in through this every time you log on. Otherwise, you may be on the hook for any cyberattacks that occur.
A VPN uses a private server for your device’s internet connection, which in turn keeps you secure and anonymous. A hacker who intercepts VPN data won’t be able to read it. Do your part to keep your company VPN safe by updating it regularly with a secure password.
3. Work within company approved software and tools
Your employer designates particular software use for a reason. These platforms are usually vetted for security concerns and can be outfitted with additional security measures such as firewalls.
Even if your Slack goes down, don’t download another chat software to continue the conversation with a coworker. Using unapproved software and tools puts you at risk for cyberattacks and phishing schemes.
4. Keep software updated
New software popups are another annoying update many of us field frequently. Yet, like password protection, software updates help protect our machine from bad actors. This is because most software updates include the latest security measures and virus prevention.
Backup any important files on a cloud or external hard drive before doing the software update in case of any technical issues.
5. Avoid public Wi-Fi
There’s no way to know if hackers are on a public Wi-Fi network or which security protocols are in place to protect you and your data from them. It’s best to avoid public Wi-Fi altogether when working with sensitive company information.
Instead, use a mobile hotspot to access the Internet on the go. Your employer may be willing to pay for a mobile hotspot on your company-issued mobile device if it isn't already equipped with one.
6. Don’t open suspicious emails
Do you know the signs of an email phishing attack? Scammers send emails claiming to be a coworker, or even worse, your boss, in an attempt to gain sensitive information.
At least $57 million is lost annually to these attacks. Know how to spot a phishing email so you don’t get tricked. If an email sender asks you to confirm personal information, click on a link to make a payment, or offers a coupon for free stuff, it may be a phishing scam. Would your boss really email you and ask you for your credit card information?
7. Change your password regularly
It can be a headache to keep track of multiple, ever-changing passwords, but changing your password is one of the best ways to stay secure online. At the very minimum, you should change them every 90 days, but your company may request that you do this more frequently.
You should never share your passwords or store them somewhere that is easily accessible. Consider a password manager to store all of your logins so you aren’t jotting them down on paper that could fall into the wrong hands. Rather than adding another number or exclamation points onto your existing password, add more complex changes in lettering and numbering to make the code harder to crack.
8. Set up boundaries for virtual meetings
Hosting a meeting or video conference? Don’t be afraid to establish remote boundaries with attendees. If you’re talking about anything sensitive, let your colleagues know beforehand and encourage them to take the meeting out of earshot of roommates or family members.
Also, take advantage of meeting software security features such as requiring a meeting passcodes, preventing non-hosts from sharing their screens, and disabling file transfers and auto-saved chats.
9. Be cautious when you share your screen
If you plan to share your screen during a meeting, remember that one wrong click can become a security concern. Don’t let the wrong set of eyes fall on company information or personal data. Close all tabs and software that aren’t relevant to your meeting beforehand.
Your company will value your commitment to keeping information confidential, and you may spare yourself embarrassment, too.
10. Practice good digital hygiene
Practicing digital hygiene will keep your digital footprint squeaky clean. This isn’t a one-time item to check off your to-do list, but rather a recurring ritual.
Here are good digital hygiene habits that help keep hackers at bay:
- Keep your inbox organized
- Unsubscribe from unnecessary emails
- Turn on multi-factor authentication
- Delete unused apps and software
- Take advantage of cybersecurity awareness training