By Devashish Sharma, CTO, Flock
Post Covid-19, a lot of the companies, who were earlier hesitant to let their employees work from home, will resist the remote working model much less. The coronavirus pandemic will change the world of work and leaders would become open to giving their employees more control over their schedules. For employees and teams to work from home smoothly however, IT teams need to provide technical support at all times. This makes IT security extremely crucial with the workforce having access to confidential organisational data from their homes.
In such a scenario, how does one ensure data/system security while working from home? Here are four easy steps that can help you keep your data secure.
1. Prevent unauthorized system access
Cybercriminals and hackers are everywhere, looking for an opportunity to hack into your system and gather important confidential data. And if you think they are going to let you off the hook during these difficult times, you are mistaken. The fear of unauthorized access is way higher during these times as hackers know a large portion of the population is working from home. Every small and medium business needs to have a strong access control policy defined for their employees.
So how does one prevent unauthorized access?
More than half of the data breaches happen due to weak or old passwords. Use passwords, and strong passwords and change time at regular intervals. Do not write down your passwords on your laptop/computers.
If you move away from your computer, even for a washroom break, lock your computer. It doesn’t matter that you’re living alone and don’t have anyone around.
There are multiple tools available to see if your password is compromised.
2. Require two-factor authentication/multi-factor authentication
An increasing number of companies are requiring two-factor authentication when employees log in to their devices/accounts.
Two-factor authentication adds a layer of redundancy to ensure that only the actual account owner can access their account. A hacker could steal an employee’s password, but they probably won’t have a phone that receives the verification code or commonly known as OTP. Also, the hacker wouldn’t have access to a fingerprint, which is used in some systems. Honestly, adding one extra layer to the login process could make a lot of difference in keeping hackers out.
Two-factor authentication systems can also serve as a type of alert when an unauthorized user is attempting to log in to an account. This will help you know when you need to change your password or contact your IT team about a potential threat.
3. Beware of phishing emails and messages
According to a recent report, phishing scams and malicious COVID-19 links have grown from 15 in January 2020 to 54,772 in March. If you ever receive an email around PPE’s, masks, hand sanitizers etc, think twice before clicking on the link. There is an increasing number of cases where employees receive such emails, which once clicked on provide an inroad to hackers with malicious intent.
4. Secure your home networks
Even if you have a separate work laptop provided by your office, while working from home, you’d be using your home Wi-Fi. And your organisation’s IT team has no control over it what so ever. Changing password to something far more complex than just names or birthdays of family members is the most basic step in securing the home network. In case the IT team of your organization fails to install a VPN client, you can always secure the WiFi network or individual devices, as you prefer, by subscribing for a paid VPN service.
Use a virtual private etwork (VPN) on your work device before connecting it to your home network is another security practice that should be followed. However, make sure to avoid free VPN’s as they are not safe and usually compromise security, killing the purpose of using it in the first place.
These are some important tips that you can follow to safeguard your systems from being compromised and falling victim to a cyberattack!
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]