4 Ways to Stay Secure While Working From Home

It’s been nearly a year since millions made the move to a home office.  Working from home (WFH) has become the new norm for many, and it’s hard to tell when, or if, that will change.  Staying secure online is important, regardless of your physical location.  When you’re not on your company’s network, you’re more vulnerable to cyber attacks.  Luckily, there are some really simple ways to defend yourself and your organization from risks.

WFH Security Snippets

1. Think twice when reading email.  Phishing attempts have become more sophisticated and are more difficult to identify.
   • Stop before you click on a link or open an attachment. Look at the sender’s address – do you recognize it? does the domain match the company’s website? are you expecting a link or attachment from the sender? If you can’t answer “yes” to all of those questions – call the sender to confirm the email is legitimate.  No one will mind a quick check-in if it means additional security on both ends.
   • If you receive an email from a site or service to which you subscribe, use an approved app or visit their site by typing the address into your web browser.  Log in that way – not via an emailed link.
   • Reputable, reliable companies will not email you to request personal information, including usernames or passwords.
2.  Passwords. Passwords. Passwords.  They’re required for everything, they’re an easy way for a cybercriminal to gain access to your world, and they’re a critical line of defense when protecting yourself and your organization.
   • Use a unique password for every account.  Change it often – it can be easy to forget to update passwords, so you may want to set a calendar reminder to do so every 60 to 90 days.
   • Passphrases are naturally complex and difficult to guess. Simply substituting a symbol for a letter (ex., @ for a, or ! for i) doesn’t make a password complex.  Hackers can easily guess that you’ve included a $ instead of an S. A passphrase is more complicated for someone to guess, but can be easy for you to remember.  Think of a favorite song or childhood memory and put some of those words together in a unique way, for example, PurPlePe0Ple!YuM.
   • Consider a password manager like LastPass. Password managers can either store the passwords you create or they can generate them for you.  Another protective measure?  If you’ve reused passwords on multiple sites, your password manager will alert you to the danger and suggest you make a change.
3. Take advantage of Multi-Factor Authentication.  Multi-factor authentication (MFA) requires something you know (your password) and something you have (typically a phone).  When you log in to an account that is protected by MFA, you are prompted to enter a code that is sent via text to the number on file, or authenticate using an app like Duo.  Even if someone obtains your password, MFA will prevent them from logging into an account (unless they also have your phone).  This extra step can be frustrating if you’re in a hurry, but the damage done by a compromised account is much worse than a small inconvenience!
4. Restart regularly and install updates.  Most businesses have processes in place to automatically install updates on their computers.  Having a system that’s up-to-date is important because outdated software or drivers can be more susceptible to cyberattacks.  Often times, to finish an update cycle, you’ll need to restart your machine, so while it’s tempting to snooze repeatedly, follow trusted prompts from your system to reboot.  Reboots also help to clear out any behind the scenes processes that may actually be slowing you down, for that reason, we recommend restarting your computer at least once a week.  Keep in mind that updates can take a while, so while you’re working from home, try restarting during a lunch break, or at the end of the day – then you’ll be ready to hit the ground running when you get back to your desk!

Online security is always important and requires even more diligence when you’re working from home.  Carefully consider the emails you receive, be creative and protect your passwords, use multi-factor authentication, and keep your computer updated and running smoothly.  Don’t let your guard down just because you’re secretly wearing sweatpants and have a dog (or two) sleeping under your desk!