Information Security – Episode 3 Working from home
The events of the past two years have shaped us in countless ways, some positive and others with devastating effect. One thing is for sure though, it has forever changed the way in which we work. Remote working, hybrid working, VoIP, video conferencing and cloud infrastructure are all here to stay.
Your devices and network equipment will be maintained and secured at your workplace, but how do you apply the same stance to reducing risk when working from home? We thought we’d share our thoughts on securing your company sensitive information while allowing your teams the flexibility of working from home.
Every company has different technology needs and will be set up accordingly, but the one constant when working from home is the need for secure internet connectivity. If the company does not provide the employees with a router configured correctly to satisfy their security requirements, then here are some helpful tips when setting up your router for home working:
- Make sure you have changed the default password to your router
- Don’t identify yourself with your network name (i.e. Steve Smiths Wi-Fi)
- Make sure the router firmware is up to date (you can check your manual on how to access the configuration settings in the admin console)
- Change the default username and password for your router’s admin console
- Make sure the router firewall is enabled
- Check that the router is protected with the latest possible WPA encryption
- Position your router near the centre of your home
- Change the default IP address from the network settings in your admin console
- Use a static IP address
Once you’ve secured your router, you still need to consider the end device you are working on when accessing your company network or other sensitive data. If you are provided with a company laptop or desktop it should have an Anti-virus software installed which is configured to update virus signatures and to scan your system regularly for new viruses. If you are using a personal device, check your Anti-virus settings (if you have one) and make sure that they are optimised for live protection and that they look for updates daily. If you don’t have an Anti-virus program there is usually still a device firewall that comes with the operating system, such as Windows Defender. Make sure this is enabled and be sure to keep it up to date by updating your operating system as soon as a new release is available to you (i.e. Windows updates). Updates can contain essential security upgrades or patches so as a habit, we recommend installing them as soon as they are available or setting them up to update automatically.
Now that you’ve secured your connectivity and made sure that your end device is protected and up to date, you’re almost good to go. We recommend using a VPN to connect to company resources, or a remote desktop connection as an added security measure. Using a VPN basically jumbles any information as it travels back and forth between your network and the end device, making it impossible to read if it were intercepted unless a specific key is used to unlock the code - kind of like those letters we used to send in class in Secondary School.
Now for the trickiest part. Once you are up and running, it is important to try your best to behave in the same ways that you would as if you were in the workplace. Don’t visit sites or use applications that you wouldn’t normally use in the office. Be aware of your surroundings and ensure your screen is protected from prying eyes. We strongly advise that you lock your screen when you take a break, to set your screen to lock-out after a period of inactivity and to log off completely when you’re done for the day. You should make sure that you have a strong password to access your device, even if it is a personal computer and, you should be even more alert for phishing emails or other social engineering attacks.
If you need any assistance with optimising your home-working arrangements, get in touch with us today