Letâs talk about working remotely and doing it in a way you wonât be sorry. I know, weâve been working remote for a while, so why bring this up now? Well, let me answer that with a question: Did you know that working from home increases our vulnerability to Cyber Attacks? I hope you answered yes. In fact, 91% of companies have reported an increase in cyber-attacks in the past year due to employees working from home. Why the increase after all this time we have been working remote you ask? Well, several reasons, the biggest is the criminals know that most home networks and systems do not have dedicated people in place to protect, configure, test, analyze, investigate, and report, on the cyber health and well-being of your home network. Couple that with the knowing that the chance of doubling their possible bounty (your personal stuff and work stuff) when they hit a WFH person, and you have the reason for the continued increase. As such, two things need to happen to improve security and protect the data you need to:
- Hire a professional IT Security company to secure your home systems and network [Just kidding!!]. Seriously though, it is important to practice the basics when it comes to your technology security. Donât be a âlow hanging fruitâ for a cyber attacker [yes, a clichĂ©, but it fits, so Iâm going with itâŠ].
- Ensure your Wi-Fi router and all other network equipment is secured and has an administrative password set (that is NOT the devices default password)
- Update all apps and software you use regularly (home, network, mobile, and work devices). While those little app and SW updates may seem annoying, they all have a purpose. With each update the companies typically include a security patch. The best way to keep your software and apps safe is to update them as soon as possible. Also, enable the auto update if you have that option.
- Stay aware of potential attack vectors for a cyber-attack. As you know, as a regular reader of CyberBytes [I know, a shameless plug, I made a resolution to do it more often đ], I have covered the many common attack vectors, from easy passwords, to phishing, to clicking on a link that is loaded with malware. But to summarize into three bullets:
- Use a non-administrator account whenever possible and donât share your account.
- Practice good password and MFA habits (see Decembers CyberBytes).
- Keep your devices locked when you are not using them. Itâs always a good idea to keep your devices locked to make sure that you are the only one using your work (or other) devices when you step away. While it may be tempting to allow your family members to use your work device, the safest option is to keep your device locked and only used by you (because, you know how to best examine links and messages for possible malware or phish attempts, and others donât have a need to know on possibly viewing your company data or client data [some of which could possibly be CUI!].
If you at least do the basics, you put yourself ahead of a lot of other people who, by your doing the basics, now they become the âlow hanging fruitâ for cyber attackers!
Newsletter By:Â Rob Collings, ISHPI’s VP of Cybersecurity | CISO
February 1, 2024