loader image

Cybersecurity in remote work (part 2)

May 26, 2023 | News

Last week we gave you 5 tips to avoid cyberattacks from hackers. Today we finish with five more tips that you should take into account. Check out the list below:

6. Secure your home WiFi

One of the simplest ways to ensure cybersecurity for remote workers is to strengthen the security of your home WiFi network. You can achieve this through the creation of a strong and unique password.
You can access your routers settings page by typing192.168.1.1 into your browser and changing the password there. Make sure you choose a password that is difficult for anyone to guess. You can also change your SSID, the name of your wireless network, on the same settings page to make it harder for third parties to identify and access your home WiFi network. Do not use your name, address, or anything that could be used to identify you.
Ensure you have enabled network encryption, usually done in the security settings on your wireless settings page. You will have several security methods, such as WEP, WPA, and WPA2. If you’re using newer hardware (newer than 2006), the strongest is WPA2.
You can limit network access to specific MAC addresses for added security. Each device that connects to your network has a unique MAC address (you can find the address of each device by opening the command prompt if you have one and entering ipconfig/all“). If you know the addresses of verified devices, you can add them to your wireless routers settings so that only those devices can connect to your WiFi network. Finally, ensure you’re running your firmware’s latest version by regularly visiting your routers settings page. Patches and software updates often address potential security issues.

7. Beware of Zoom and video conferencing

Working remotely often means relying on video conferencing software, which, in turn, creates potential security risks for the WFH.
For example, in the past, Zoom was forced to address security flaws after a series of attacks dubbed Zoom bombing.” In these attacks, uninvited people gain access to and enter another persons video conference to intimidate and harass other users. Although “Zoom bombing is derived from the Zoom app, similar incidents have occurred on other platforms.
The risks to your company are that if your video conferences are being invaded and monitored, sensitive information about your business or your customers can be leaked. Your staff may also suffer personal and potentially traumatic attacks from hackers.
In response to the Zoom bombings, the FBI issued advice to help users protect themselves while using video conferencing software. This includes:
  • Make sure meetings are private by requiring a password to enter or controlling guest access from a waiting room.
  • Consider security requirements when selecting vendors. Endtoend encryption offers important privacy and security, so check to see if any video conferencing software you use includes this feature.
  • Ensure your software is up to date by installing the latest patches and updates.

8. Make sure your passwords are strong and secure

ABC, 123, ABC123 NO! Passwords must be strong, long, secure, and unique: 12 combined characters, numbers, symbols, uppercase, and lowercase letters.
They also recommend adding a password screen whenever you access your laptop and other devices so that if your device is breached or falls into the wrong hands, it will be harder for a third party to access your sensitive files. We recommend using a password manager tool to help keep all your passwords safe.

9. Protect your online banking

If you are responsible for business accounts, ensuring that the money is stored and transferred as securely as possible is essential. The last thing you want is to run into a security breach in any of your online banking platforms.
First, using only reputable software and services to handle funds is essential. Use only the services you know and are familiar with. If youre unsure of the credibility of a particular platform, look for reviews and more information online before using it. Trusted institutions should include information for human contacts on their websites and people that customers can talk to if they have concerns.
When accessing a banking website, make sure you are logged in via a Secure Hypertext Transfer Protocol. The URL should include https:// rather than just http:// at the beginning. You should also see a padlock to the left of the URL bar of most Internet browsers, indicating that the website has an authenticated security certificate.
Hackers, scammers, and phishers may try to target you via email, social media ads, or phone. They can ask for your bank details to help you make large purchases or donations. Do not provide your bank details to anyone or transfer funds to unsolicited vendors unless you are sure they are who they say they are.
Remember that scammers may try to imitate your colleagues, clients, or professional organizations, including your bank, to trick you into providing sensitive information or transferring funds. Be vigilant, and dont be afraid to ask someone else for proof that they are who they say they are.

10. Beware of email scams

Emails are essential for communication between colleagues. However, emails are also one of the easiest means of communication to exploit and compromise.
In addition to drawing attention to phishing scams that are becoming more prevalent, they recommend the following measures to protect email accounts:
  • Ensure that emails can only be securely accessed through your companys VPN, which creates an encrypted network connection that authenticates the user and/or device and encrypts data in transit between the user and your services. If you already use a VPN, make sure its completely patched.
  • Staff devices are more likely to be stolen (or lost) when they are away from the office or home. Ensure your devices encrypt data while at rest, which will protect the email data in case of loss or theft. Most modern devices have builtin encryption, but encryption may still need to be turned on and configured.
  • Beware of phishing attacks that seem to take an increasing number of forms.