Cybersecurity Tips for Creating A Strong WFH Security Policy
More businesses and individuals are now working from home (WFH) remotely through a home business network. There has never been more incentive as now for cybercriminals to start attacking home users. Remember how challenging it was to get online in the 90s without running into something nasty? Home users are notorious for using lax or nonexistent security policy on their home networks. Now many businesses are moving their data from a professionally secured office network to the WFH network of one or more employees. That spells trouble!
Even more problematic for WFH security policy is that many businesses and employees do not know how to secure a home business network. A home business also cannot afford to provide work devices or a system administrator. Thankfully, this is fixed easily with a home business security checklist!
WFH Cybersecurity Checklist: Software Solutions
o Password Manager
A password manager takes the grunt work out of using and managing secure passwords on a secure WFH network. A good password manager creates secure passwords for the user and stores them for later use. Check out the following free password manager apps:
- LastPass – LastPass has been one of the leading password management platforms for many years now. The desktop version is free. The use of the mobile version is limited to paid subscribers. Still, $24 annually is hardly anything to complain about when you are getting the peace of mind that comes with using a secure password management platform. Lastpass is available on Windows, Mac, Firefox, Chrome, and Opera.
- Enpass – Enpass is a free, open-source password manager that is unique in that it syncs encrypted passwords to Dropbox or OwnCloud instead of its server. While the iOS and OS X licenses come at a cost ($24 annual or $55.99 one-time), the Windows, Linux, and Android permits are free. Enpass also has extensions that work with the desktop client for Chrome, Firefox, Edge, and Opera.
- Bitwarden – Bitwarden is another open-source password manager that is like LastPass but carries more advanced multifactor login controls. It is free for Windows, Mac, Linux, and Android. Advanced security features come with a license fee of $9.99 annually.
o Secure Browser
The best secure browser avoids tracking and session cookies. It also warns users about insecure websites and blocks ads. While Google Chrome is a popular browser, there also is no way to avoid Google spying on a WFH user’s activities. The best choices right now are Firefox and Opera. Both been making fantastic progress in securing their browsers more from modern threats. Vivaldi is another excellent secure browser choice that uses the same page rendering engine and extensions as Chrome. Thus it is more likely to work on websites that require Chrome to work.
That really should go without saying, but there it is! An antivirus removes any viruses that may infect your computer, but an antivirus suite also does much more. Many antivirus suites now sport malware detection as well as system device (webcam) and identity monitoring to prevent snooping. While the best options are going to cost money (Kaspersky, Avira, Norton, etc.), there are a few free internet security suites that you can’t dismiss. Both Avira and Avast offer free antivirus software suites that are dangerously close to being as full-featured as paid apps are.
I honestly would not recommend anyone go without a VPN nowadays. It is so essential in the modern age to encrypt data transmissions that Opera has included one by default in their browser. Man-in-the-middle attacks steal data while being sent to other websites, and are extremely popular nowadays. Two-factor authentications have made cracking passwords a lousy business. So now, if a cybersecurity criminal wants access to a user account, they steal the session cookie from the user’s browser instead of trying to figure out their password. A VPN cuts that nonsense out by creating a fake IP address for the user to obscure their identity. It also encrypts all the WFH business user’s data going back and forth from the internet.
o Two Factor Authentication
All accounts that have a two-factor authentication option should have it enabled. Even secure passwords can be hacked in a short time nowadays. So, the only real answer to keeping accounts secure in the age of supercomputers is to use more than one form of identity verification. With two factor authentications, you also must supply a numerical code with your password, which changes every 30 seconds. You can retrieve the code from SMS, an automated phone call, a USB 2FA security key, or 2FA software such as Google Authenticator or Microsoft Authenticator. Since the 2FA code changes continuously, there is no chance for a hacker to guess it.
o Secure Home Wi-Fi Access Point(s)
Any remote WFH security policy should include a vital requirement that the employee owns their home business network. They should also require the user to be behind a router with a secure Wi-Fi password and a built-in firewall. Most ISPs (internet service providers) will supply a wireless router as part of their service. That is okay, but be aware these routers get targeted a lot because every ISP customer is likely to be using the same router. Treat them with just as much caution as a public access point. In other words: use that VPN if you want a genuinely private & secure network!
o Encrypted Storage
Working from home, you tend to acquire an extensive collection of documents and work-related data. This data may be a bit too sensitive to trust, laying out in the open on your hard drive. Encrypted storage solutions create a simple way to secure work data without having to go out of your way in terms of time or expense. There are free encryption programs for encrypting individual files, directories, or even entire drives.
o Encrypted Email
Fortunately, most of the popular email providers are providing encrypted email functions nowadays. Microsoft and Google, of course, are leading the pack. Paid solutions such as ProtonMail offer more advanced security features. Make sure that you are using these features when communicating confidential data that could prove useful in the wrong hands.
o Secure Domain Name Servers
Using secure DNS is an excellent way to reinforce the protection of your antivirus, firewall, and VPN software. Reliable DNS servers take extra precautions to protect you through blocking domains and IP addresses that are known to be problematic. Using a secure DNS can drastically reduce the amount of spam, phishing, spyware, and malware the users on your home business network are exposed to while working.
WFH Security Is About More Than Secure Software
While we have reached the end of this list of software solutions for WFH security, we haven’t finished with the overall WFH checklist. We still need to review critical online behaviors that can make or break the efficacy of your efforts to secure your home business network. For now, though, pat yourself on the back for having created the foundation you need to start working from home securely! In the next article, we will review a checklist for dos and don’ts, which help safeguard you and your employees against social engineering attacks.