Cybersecurity Tips for Strong WFH Security Policy
More businesses and individuals are now working from home (WFH) remotely through a home business network. There has never been more incentive than now for cybercriminals to start attacking home users. Remember how challenging it was to get online in the 90s without running into something nasty? Home users are notorious for using lax or nonexistent security policies on their home networks. Many businesses are moving their data from a professionally secure office network to the WFH network of one or more employees. That spells trouble!
Your home business network may be exposing your private information to the world, and you may not even know it! You won’t regret it! After all, how can you monitor your network if you aren’t even sure what information it contains? By following this ultimate security checklist, you can guarantee that your home business is as safe as it can be from hackers and other online threats.
Developing A WFH Security Policy
Hackers and cybercriminals can often exploit your trust in employees or third-party contractors to gain access. While we don’t want to scare you, we do want you to be aware of these threats, so they never become a reality! A few cybersecurity tips for creating a strong WFH security policy:
- Implement a robust authentication process for all business partners, employees, and contractors who have access to your network. This means using secure passwords, multi-factor authentication, or physical tokens.
- Always protect your devices by updating antivirus software, not opening emails from untrusted senders, and avoiding sketchy sites that may contain malware or other viruses that can infect your computers or devices.
- Be extra careful about accepting USB drives, flash drives, or CDs from anyone—even if they’re supposedly for work purposes—as these can quickly spread malware onto your computer system.
- Never leave your devices unattended in public areas like coffee shops, hotels, or airports that have access to free Wi-Fi hotspots. Make sure you use a VPN at all times while traveling!
If you want to know more about cybersecurity while working remotely, don’t hesitate to reach out! We love helping businesses of all sizes be more secure and keep their data private.
WFH Cybersecurity Checklist: Software Solutions
Cybersecurity starts at home in a WFH networking environment. The first thing you can do is to protect your software. Is your operating system up-to-date? Are you using a secure browser, such as Google Chrome or Mozilla Firefox? Make sure all of your programs and extensions are downloaded from trusted sources. When writing code for a new program, use secure programming practices and review it regularly for potential vulnerabilities. If possible, use open source code and contribute to it yourself! It’s also essential to make sure you always have the latest security patches installed on any devices attached to your network, including computers, smartphones, and tablets, as well as intelligent appliances like thermostats or TVs that are connected via Wi-Fi. You should disable automatic downloads of updates if your computer isn’t always on.
A password manager takes the grunt work out of using and managing secure passwords on a secure WFH network. A good password manager creates secure passwords for the user and stores them for later use. Check out the following free password manager apps:
- LastPass – LastPass has been one of the leading password management platforms for many years now. The desktop version is free. The use of the mobile version is limited to paid subscribers. Still, $24 annually is hardly anything to complain about when you get the peace of mind that comes with using a secure password management platform. LastPass is available on Windows, Mac, Firefox, Chrome, and Opera.
- Enpass – Enpass is a free, open-source password manager that is unique in that it syncs encrypted passwords to Dropbox or OwnCloud instead of its own server. While the iOS and OS X licenses come at a cost ($24 annual or $55.99 one-time), the Windows, Linux, and Android licenses are free. Enpass also has extensions that work with the desktop client for Chrome, Firefox, Edge, and Opera.
- Bitwarden – Bitwarden is another open-source password manager like LastPass but carries more advanced multifactor login controls. It is free for Windows, Mac, Linux, and Android. Advanced security features come with a license fee of $9.99 annually.
The best secure browser avoids tracking and session cookies. It also warns users about insecure websites and blocks ads. While Google Chrome is a popular browser, there is no way to avoid Google spying on a WFH user’s activities. The best choices right now are Firefox and Opera. Both have been making fantastic progress in securing their browsers against modern threats. Vivaldi is another excellent secure browser choice that uses the same page rendering engine and extensions as Chrome. Thus it is more likely to work on websites that require Chrome to work.
That really should go without saying, but there it is! An antivirus removes viruses that may infect your computer, but an antivirus suite also does much more. Many antivirus suites now sport malware detection and system device (webcam) and identity monitoring to prevent snooping. While the best options will cost money (Kaspersky, Avira, Norton, etc.), there are a few free internet security suites that you can’t dismiss. Both Avira and Avast offer free antivirus software suites that are dangerously close to being as full-featured as paid apps are.
I honestly would not recommend anyone go without a VPN nowadays. It is so essential in the modern age to encrypt data transmissions that Opera has included one by default in their browser. Man-in-the-middle attacks steal data while it is being sent to other websites and are extremely popular nowadays. Two-factor authentication has made cracking passwords a lousy business. So now, if a cybersecurity criminal wants access to a user account, they steal the session cookie from the user’s browser instead of trying to figure out their password. A VPN cuts that nonsense out by creating a fake IP address for the user to obscure their identity. It also encrypts all the WFH business user’s data going back and forth from the internet.
Two Factor Authentication
All accounts that have a two-factor authentication option should have it enabled. Even secure passwords can be hacked in a short time nowadays. So, the only honest answer to keeping accounts secure in the age of supercomputers is to use more than one form of identity verification. With two-factor authentication, you must also supply, along with your password, a numerical code that changes every 30 seconds. You can retrieve the code from SMS, an automated phone call, a USB 2FA security key, or 2FA software such as Google Authenticator or Microsoft Authenticator. Since the 2FA code changes continuously, there is no chance for a hacker to guess it.
Secure Home Wi-Fi Access Point(s)
Any remote WFH security policy should include a vital requirement that the employee owns their home business network. They should also require the user to be behind a router with a secure Wi-Fi password and a built-in firewall. Most ISPs (internet service providers) will supply a wireless router as part of their service. That is okay, but be aware these routers get targeted a lot because every ISP customer is likely to be using the same router. Treat them with just as much caution as a public access point. In other words: use that VPN if you want a genuinely private and secure network!
Working from home, you tend to acquire an extensive collection of documents and work-related data. This data may be a bit too sensitive to leave lying out in the open on your hard drive. Encrypted storage solutions create a simple way to secure work data without going out of your way in terms of time or expense. There are free encryption programs for encrypting individual files, directories, or even entire drives.
Fortunately, most of the popular email providers are providing encrypted email functions nowadays. Microsoft and Google, of course, are leading the pack. Paid solutions such as ProtonMail offer more advanced security features. Ensure that you are using these features when communicating confidential data that could be helpful in the wrong hands.
Secure Domain Name Servers
Using secure DNS is an excellent way to reinforce the protection of your antivirus, firewall, and VPN software. Reliable DNS servers take extra precautions to protect you by blocking domains and IP addresses that are known to be problematic. Using a secure DNS can drastically reduce the amount of spam, phishing, spyware, and malware the users on your home business network are exposed to while working.
WFH Security Policy Is About More Than Security Software
Most small business owners know that securing their network is essential, but they may not realize how easily it can be compromised. The best protection comes from following a complete security checklist—from physical barriers to secure software. However, even if you follow every step in your security checklist, no form of security is 100% foolproof. So make sure your home office has its unique locks and entryways so you can keep an eye on who’s coming and going when you aren’t there. While you might have someone come out for bi-annual rekeying of your locks, take time before work starts up again to remind everyone in your home office what to do if someone breaks into your home office when you are away! Ensure everyone knows who should contact whom if something happens or seems suspicious while you aren’t there! Security isn’t just about software — it’s about people too!
Since WFH security policy isn’t just about software but also about people, certain online behaviors should be avoided to promote the highest level of security on your WFH business network. We will be covering a list of these behaviors and other remote working tips for WFH employees and contractors, so keep tabs on this blog for upcoming updates.