Security: 11 Simple Guidelines for Your Remote Workforce

Cyber criminals see the coronavirus pandemic as an opportunity to target people working from home, security experts say.

The coronavirus pandemic has brought about a phenomenon we've never experienced before - a mass migration of workers from the corporate office to their homes. Think about your home network for a moment - do you have any clue what kind of security measures are in place on your home router, gateway, or modem? Probably not. The majority of us at least have WiFi passwords (that are unfortunately the factory set passwords that come with the router), but beyond that our networks are wide open.

With a lot of the workforce working from home, we are opening up home networks to new levels of criminal focus that have never existed before. And of course, criminals are all too eager to seize the opportunity.

Lock down your WiFi.
Change the default password. Immediately. Do not share it with your neighbors. Keep your work-related devices separate from your personal devices by utilizing multiple networks. Things such as baby monitors and video doorbells or security cameras are actually not very secure out of the box.

Be careful what you open.
Phishing emails and social engineering schemes have become rampant. What looks like an email from your CEO with a coronavirus update, or especially an email from your IT department telling you to reset your password is most likely a phishing email. Its best to call the appropriate person and verify.

Need to learn more about how to secure your remote workforce? Contact us.

Update everything.
Make sure your computer operating systems are up to date. That goes for your router and antivirus software, too. New computer viruses are always emerging, and you want to make sure your AV catches everything it can.

Passwords.
summer2014 might have been a great time in your life, but its a really awful password. Unfortunately, most systems require us to make this crazy passwords with multiple letters, numbers, special characters, etc. If you must conform to these limitations, do so. Otherwise, a much harder password to crack using brute force is a long random string of words: cherryblackredwoodflossingboxspoondrilling is much more difficult for password crackers to break than HCa7CXe$qjKtxQ.

Use a VPN.
Ideally, your company will provide a business-grade version of one of these for you. Do not download free ones. If you must find your own VPN to use, make sure you pay attention to privacy policies, data retention policies, etc. Feel free to contact Atlas7 for a recommendation.

VPNs are easy to create by hackers and you see them posted all the time on sites like Producthunt. Be careful. These services route all of your internet traffic, and you never know what your traffic will pass through before it reaches its destination. Many free VPNs employ third-party trackers that will gather your data, entirely compromising your privacy.

Enable 2FA wherever possible.
You should already be using two-factor authentication. Banks, email providers, and many other sites offer 2FA in their settings. Whatever 2FA method you choose (text notifications, authentication apps, or physical "keys" that connect to your phone or laptop) is going to be better than using a password alone.