Improving your cybersecurity at home
This article was originally written for publishing on the company blog at PKCG, and has been cross posted here.
With the sudden move to working from home, and without the protection of enterprise grade firewalls, antivirus and other protections afforded on your office network, it’s more important than ever to be vigilant against cyber criminals.
Use your home computer, like you would use your computer at work
The number one cause of compromise that we see is human error, whether that’s clicking on a phishing email and entering your details or downloading something that is malicious. Chances are when using your work computer, you are super cautious about the emails, attachments, and links that you open. You should be taking these same exact steps when working from home.
Remember, it isn’t just your personal system you are putting at risk, but company resources too!
Use strong passphrases
Strong passphrases are the first line of defence for your accounts. See our post on passwords and passphrases here for our recommendations. You should use a different passphrase for your computer, each application, and website you use - particularly those that you have given personally identifiable information (PII). Using the same email address and passphrase across websites will mean if one site is compromised, then all your accounts are at risk!
We recommend the use of a password manager such as 1Password, Dashlane or LastPass. If you’re storing passwords related to work, we can give you access to MyGlue.
Keep your devices up to date
Keeping your devices, including the operating system, any applications you have installed, and for computers, drivers and firmware, is essential to reduce the number of vulnerabilities that can be used to access your device. Updates also deliver new features, and can sometimes improve performance too!
Use reputable anti-virus / anti-malware protection
Anti-virus or anti-malware protection is another layer of security that provides protection for your computer against malicious threats. It’s important that it’s kept up to date with the latest signatures, and if it doesn’t run in realtime then you should be scanning all files you haven’t opened before.
If you’re a current client of PKCG, you are more than likely are using Sophos Intercept X at work and we can install this on your devices at home too!
Use secure Wi-Fi
While the Wi-Fi network at the office is likely to be secure and encrypted, the same might not be true for your connection at home. If you risk using an unsecured network while working remotely, you could be allowing nearby cyber criminals a route into the company network. It’s trivial for cyber criminals to set up an unsecured network and “sniff” all the traffic going over a wireless connection.
Back up your data
Storage is cheap, you can use either an external drive or back up to the cloud. Unplug your external drives when not in use, and store them in a secure place. If your backup software supports it encrypt your backups with a strong passphrase too.
Cyber criminals don’t always want to steal your data, sometimes they want to encrypt it and keep it at ransom. Make sure you test your backups too, firstly to make sure they are happening, and secondly to make sure you can recover data from them.
Don’t forget physical security too!
Lock your computer when not in use, even if it’s only for a short period of time. Make sure your mobile devices have a passcode set, and set up the ability to find or wipe devices remotely if possible.
It’s much easier to access your information if other people have access to your devices.