For nearly two years, remote work has become a business-standard. When the coronavirus pandemic started, many companies weren’t prepared with the necessary security protocols to work remotely securely. During this time, many new businesses started without the proper security measures in place, opening up additional ways for cybercriminals to get ahold of sensitive information.
Whether you are working for a large company or are starting your own business, Imagineering has put together 9 ways to maintain security to protect yourself at work and at home:
1. Secure Your Wi-Fi
When working from a home office, it is imperative that you secure your Wi-Fi. It may be general knowledge to ensure you create a password for your Wi-Fi, but you should also change the default Username & Password on your router. The defaults are public knowledge and can be easily hacked. Additionally, it is good practice to use a different — and strong — password for your router from the password you use to access your business’s network.
2. Perform Regular Updates
It is important for you to perform regular updates on all devices and applications to ensure your environment is fully functional and secure. By patching your system frequently, it ensures there are no holes or backdoors that cybercriminals can use to find a way into your system. Common areas that need patches include operating systems, applications, and network equipment.
3. Use a VPN
It is a good idea to use a virtual private network (VPN) whenever working remotely. A VPN will encrypt all traffic leaving your device until it arrives at its destination, meaning your information remains secure in the cyber universe. Additionally, you should get into the habit of using a VPN whenever you use a public Wi-Fi network, such as in a coffee shop, hotel, or airport.
4. Create Strong Passwords
Create strong passwords for all of your accounts. Utilizing a password manager will assist in your password creation and recall by securely storing your passwords in one place, with only one password to remember. This will help protect your business from password-related data breaches and cybersecurity threats, while also making your business processes more efficient.
5. Enable Multi-Factor Authentication
Multi-Factor Authentication (MFA) is a verification method that requires two or more authentication factors to gain access to a website, network, or application. By setting this up, you are requiring an additional method of verification beyond just a password. This ensures security for your business in case a password is stolen or leaked in a breach. Enabling MFA on all accounts that are available is the best way to keep your accounts secure.
6. Delete Old Accounts
If you no longer use an account, delete it. Out of sight, out of mind is what cybercriminals are hoping for as they try to hack into old accounts. Many old accounts use old passwords that may have been revealed in a data breach. The issue arises when you don’t use the account, then you don’t think to change the password.
7. Educate with Security Awareness Training
In the world of remote work, it is important to train users on how to spot phishing emails. Educate employees using proven training programs, such as KnowBe4 Security Awareness Training. Designed to teach and gauge employees’ knowledge of cybersecurity threats, Security Awareness Training educates users on red flags to look for, reducing the number of successful phishing attempts.
8. Sign a Security Policy
Have employees sign a security policy that provides clear direction on the procedure in the event of a security breach or disaster. A robust security policy standardizes processes and rules to help organizations protect against threats to data confidentiality and integrity. Items can include areas such as:
- Acceptable usage policy
- Antivirus management
- Backup and disaster recovery
- Change management
- Cryptography usage
- Data and asset classification
- Data retention
- Data support and operations
- Data usage
- Email protection policies
- Identity and access management
- Incident response
- Insider Threat Protection
- Internet usage restrictions
- Mobile device policy
- Network security
- Password and credential protocols
- Patch management
- Personnel security
- Physical and environmental security
- Ransomware detection
- System update schedule
- Wireless network and guest access policy
9. Put a Disaster Recovery Plan in Place
A disaster recovery plan details how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks, and any other disruptive events. These plans should be put in place for your home office, as well as a physical office if you have one. Ensure you are practicing the steps of the plan at least once a year to ensure your business can get back up and running smoothly and efficiently.
It is possible to do remote work securely. It is important for your business to take the necessary precautions to ensure your sensitive information stays secure as cyber-attacks become more sophisticated. Stay cyber aware and keep these 9 tips in mind as you continue to build your business and security plans.
Secure Your Business Today