It seems like overnight most of us joined the remote workforce. Even for companies that already have the infrastructure in place to handle a situation like this, it has made for the ultimate stress test.
For other businesses, it’s been a wake-up call as many now find themselves building the proverbial boat as they’re floating down the river.
As we continue into the new temporary reality of long-term remote work and social distancing, I’ve been thinking a lot about the security considerations of working from home versus working in the office.
It may seem like it’s just a matter of setting up your laptop at home and “presto!” you’re at the office, right?
I wouldn’t say that it’s quite as simple as that.
With people trained to expect certain protections and take certain precautions when “at work”, it can be challenging to shift that mindset when you’re still doing your work away from the office where you may not be as protected.
Kelser is in a unique position to view the entire “work from home” picture. We help businesses setup and optimize their remote workforce capabilities as well as use remote work capabilities ourselves. We’ve also been providing peace of mind through managed cybersecurity services to companies in New England for years.
As such, it dawned on me that there may be some blind spots people may overlook as they’re transitioning to a primarily remote work situation.
It’s all about making sure that you’re keeping information security top of mind as you and your employees work from remote sites.
Don’t let the comfortable surroundings of home lull you into letting your guard down.
So, I put together these five main tips to help keep you and your employees protected when you’re working at home.
1. Consider turning off or unplugging your Alexa, Google Assistant or other AI assistant while working.
If you’re having confidential conversations while working from home, you can’t be sure what your virtual assistant in the room is or isn’t recording. It’s not a far-fetched scenario to imagine one of them capturing part of your conversation to be sent back to home base for any number of reasons.
Though I’m sure the companies that make these products have plenty of security layers and protocols in place, is it worth the risk to potentially find your conversation in an online repository of stolen data some day?
2. Be especially diligent about phishing, spear phishing and other social engineering attacks during this time.
There’s plenty of fear, worry, and other heightened emotions during this crisis. Unfortunately, that makes ideal conditions for cybercriminals trying to trick you into divulging information or clicking something you shouldn’t.
There have already been reports of the increase in coronavirus-themed malware and phishing attacks but keep an eye out for more typical phishing attempts.
As you can see in the segment below where I discuss work-from-home cybersecurity with NBC Connecticut’s Dan Corcoran, Dan has already been receiving phishing attack attempts offering hard to find supplies to help combat the spread of COVID-19.
These attacks will likely become more frequent with the increase in people working remotely and not as readily able to identify if an email or request is legitimate.
Remember to always follow up directly with someone outside of email or the channel you received the suspect communication from if you have any hesitation about its legitimacy. Continue to “think before you click” in any situation where you receive an unexpected link.
3. Don’t compromise security for the sake of convenience.
As I mentioned in the Bismark Tribune, "you may be safer from coronavirus/COVID-19 at home, but company data likely is not,”. I give a hypothetical example in my video (around the 3:50 mark) and also on a recent episode of Metro Hartford Alliance Presents: Pulse of the Region (around the 13:00 mark) but a reminder to always be keeping security top of mind as you try to navigate ways to still be carrying out your responsibilities while in a remote environment.
Remember to shred confidential documents. Don’t put secure, confidential documents in unsecured places or places where your company doesn’t have control over that data (examples could be your personal PC or personal email account).
4. Consider moving your connected IoT devices to a separate network.
If you’re like me, you likely have a bunch of Internet of Things (IoT) connected devices such as a thermostat, audio systems, home automation systems, security systems, and others on your network. That network is likely the same one your work device is now using.
Though reputable IoT device manufacturers take steps to keep their devices secure, it’s a best practice to move your wi-fi connected IoT devices to your home guest network. That way you have layers of protection in place between your home and work devices if something were to happen.
5. Know what protections are (and aren’t) covering you while you’re working remotely.
As I was recently discussing with the Hartford Business Journal, office networks are typically more secure than home networks. Keep that in mind as you’re working at home.
Some offices have the ability to “extend” the corporate network into users’ homes – providing them many of the added protections covering them when they’re physically in the office.
It’s important for both you and your employees to know what is different from a security standpoint between their regular working environment and their new temporary one.
Wrapping Up
I hope these thoughts and tips will help keep you working safely and securely from home.
If any of these topics have sparked a thought you’d like to talk about or if you’d like to discuss any of these topics further, please reach out to Kelser as we’re happy to help.
At Kelser we’ve been helping our clients harden their cybersecurity defenses and get their remote workforces up and running for years. We practice what we preach so we know first-hand how our remote and cybersecurity solutions play out in the real world. This allows you and your remote employees to focus on helping your clients while everything continues to work securely behind the scenes.
Stay healthy, stay safe, and we’ll all get through this together.
