Working from home needn’t mean compromising on IT security

Although we’re tending to overuse the phrase ‘the new normal’, there’s no doubt that 2020’s changed working conditions present a challenge to IT departments across the world. HOST100’s handy guide will help you and your colleagues deal with these new circumstances.

Network

Computers are first and foremost communications devices, so network security has to be the Number One priority in anti-hacker policy. Wi-Fi in particular gives IT professionals sleepless nights!

  • Never use public Wi-Fi. That means absolutely no company communications from free hotspots on the high street.
  • Avoid using personal mobile hotspots like the one built into your smartphone. If hackers have compromised your phone, they’ll be able to use the connection to access your company network.
  • Don’t trust your home network. Your router password probably hasn’t been changed since it was installed, and you can be sure your kids have shared it with all their friends. Consider installing VPN software for improved security – see ‘Software’, below.

Hardware

Many home computers are outdated, making it difficult to secure them to 2020 standards. That being so, your company may opt to issue you with a secure laptop.

  • If you find yourself doing sensitive work on a shared home computer, set up a passwording system to prevent family members from accessing your folders.
  • Don’t forget the media! USB sticks are particularly dangerous, since they can so easily be mislaid on a train or in a cafe. If you’re using external backups, consult with your IT department about setting up encryption to make them unreadable to third parties. (It’s surprisingly easy to do.)

Software

The best software is always that installed by your IT department. If you’re supplying your own, make sure that your OS and apps are up-to-date, and that they meet the approval of your IT guys.

  • VPN software can secure all your communications with the office via point-to-point encryption… and it’s always a good idea to install an up-to-date antivirus program, even a freebie like Avast.
  • Conferencing, chat and other collaboration applications are obvious targets for cybercriminals, so look to your IT manager for a clear lead on what sort of information you should be sharing on these tools.
  • Whatever software you use, avoid oversharing your screen – you don’t want to give away some vital piece of PII!

Passwords

According to the old IT cliché, passwords are like items of underwear – don’t share them, and change them often. Recent developments make it easier than ever to keep your passwords squeaky-clean.

  • Two-factor authentication is now the default on systems like Office365, and it’s easy to implement (assuming you have access to a working smartphone).
  • Password management programs like TheKeeper make it easy to create and store complex passwords, so there’s no excuse for using your maiden name or that of your favourite footballer.

Email

At HOST100, we never send company data to personal email accounts. Personal emails are vulnerable, especially if protected only by a single weak password. Besides, sending data to a GoogleMail account or similar could put your company in breach of the GDPR. But there’s more to email security than sticking to the company domain.

  • Check destinations. One good typo will send your sensitive data or information to the wrong destination… with no hope of recovery. Take a second to double-check every address field.
  • No phishing! If you’ve received a dodgy-looking mail, review it carefully. Chances are the return address or secure payment field won’t align fully with expectations.

Feedback

Consult, consult, consult! Security is a set of shared practices, not a personal crusade.

  • Tell ’em about it. If you spot a potential risk, make sure you brief your colleagues.
  • You’re not perfect. Report near misses to your IT security teams. It’s likely that others will have made the same mistakes as you, and sharing this information gives colleagues an opportunity to modify policies and so help prevent any re-occurrence.

Protecting your company is a shared responsibility. With care and good working practices, homeworkers can contribute to that effort.