The impact of remote work on cybersecurity: Tips for staying safe
Remote work has seen an incredible boost during the pandemic. As governments and organizations scrambled to get things under control, many workers and students suddenly found themselves in quite the different work environment.
While the pandemic has more or less come to an end, it is clear that remote working will be used more widely than before in many sectors. Working from home has advantages, both for individuals and businesses. There is no daily commute to work and certain things that had to be done after work, like doing the laundry or going grocery shopping, can be done while at work.
Work from home scenarios introduced new risks, on the other hand. Since many employees had to use their own devices, risks associated with using those would suddenly come to the forefront. Even with devices provided by organizations, employees suddenly would face additional risks.
How to stay safe when working from home
The rise of remote working has given rise to certain types of threats. These include phishing in its various forms, but also malware attacks and other attacks exploiting new work scenarios.
The following list of tips may help people who work from home stay safe, while they do so, and mitigate certain risks associated with remote working.
Tip 1: Keep the operating system, software and also hardware up to date
Outdated software products may have security issues, some of which may be exploited actively on the Internet.
Most of the important applications and operating systems are configured to update automatically. It is still a good idea to run update checks regularly, to make sure nothing was missed.
A good precaution is the creation of backups, which may then help recover a system if updates introduce issues. Paragon Backup & Recovery is a free backup solution that is available for Windows.
Hardware may also have security issues. These may be patched with firmware updates. Some may be provided by the operating system, others may need to be installed manually instead.
Tip 2: Separate work from home activities
The best option here is to use a dedicated device just for work, and don't use it for any other activities. Sometimes, this may not be possible, for instance, when businesses do not hand out work devices to their employees.
The next best thing then is to create a dedicated work account on the device, and use it solely for that. It is also important that the account or work device is properly secured, and that other family members or others who may come into contact with it, can't use it.
Tip 3: Use antivirus and security software
Antivirus software should be installed and used on work from home devices. This can be a built-in solution that ships with the operating system, or a standalone solution.
Additional security products, such as dedicated firewalls or advanced security tools, may improve security, but they also increase complexity. The software needs to be up to date.
Tip 4: Education is key
Employees need to be aware of threats that they may face while working from home. Phishing, for instance, has been around for a long time, but people still fall for it as if it would be a new trend and not something that is decades-old.
Employees need to be able to differentiate between legitimate emails and malicious ones, and be encouraged to contact support whenever they are in doubt.
Tip 5: Secure the home network
Use the strongest security option that is available and supported to protect a wireless network. Pick WPA3 if available and supported by all devices, otherwise pick the next best option that is available.
Some wireless networks may support additional security features, such as enabling Enterprise WPA with 802.1X, which authenticates each user individually.
Speaking of network access passwords, make sure they are not easy to guess or crack.
Tip 6: Use strong passwords, 2-factor authentication or other advanced authentication options
Weak passwords may give attackers access to online accounts, services or files just by guessing the password. If available, enable 2-factor authentication to add a second layer of protection to the account.
Modern authentication options, such as using passkeys or hardware security keys, may improve the security of accounts significantly as well.
Bonus Tip
There are lots of smaller things that may make a difference. Using a device with a webcam lid, or buying a lid, may protect users from webcam spying. VPN services may improve security, as they protect data, especially when public wireless connections are used. Smart devices, especially those with listening capabilities, should not be in the same room as work devices.
Now You: did we miss a tip? Let us know in the comments.
These security advices do not seem very specific to work at home.
A threat that was not mentioned was surveillance by the employer itself, through company provided computers, of if not company provided, through software. While common on company sites, work from home may be an excuse to attempt to make it even worse.
About the webcam lid, an opaque piece of tape is enough, and should always be used on every device cam (even mobile phones). Easy to remove and put back in place. If worrying about glue remaining on the cam after removal, just place a tiny piece of paper on the adhesive side of the tape where it’s going to be against the cam itself. And if you insist to buy a lid, be sure that it’s actually opaque. Funnily enough, and faithful to their tradition, the NSA distributed cam lids that were subtly not opaque and could be seen through:
https://twitter.com/EFF/status/1091449476613468160
38.52% – AI GPT according to ZeroGPT–
Apparently, few readers/users are working with ChatGPT-4 and generating sample work to understand the program and the resulting AI compositions.
The article above was so formulaic and AI structured that I didn’t hesitate to initiate a quick check/scan on ZeroGPT. [Use whatever detection service you want.]
The problem with the article above isn’t that ChatGPT-4 or Bard is being used to assist in well-written articles; it’s being used to compose entire paragraphs which are then used without any editing/revision.
Failing to acknowledge the use of AI in writing is the new form of “plagiariasm.”
@John G.- ? Why should we comment to AI?
Remote work security? It’s risible. If the US can’t contain highly sensitive/secret information, what makes someone think he/she can outwit a hacker?
https://www.cnn.com/2023/04/09/politics/pentagon-leaked-documents-us-spying-allies-foes/index.html
Serious breach!
Yes, the article reads a little generic in places with regards to security. Using AI text generating tools is potentially a cyber-security risk in itself.
“[…] Why should we comment to AI? …”
<sarcasm>
Because it potentially gives any heavily AI generated
contentsewage more credibility if you do comment (as if it were legitimate). How cool is that? 🙃<sarcasm>
I certainly would sign a labelling petition as discussed (https://www.ghacks.net/2023/04/07/green-technology-driving-sustainable-development/#comment-4563417) about being transparent with any AI generated articles.
A ‘detector bot’ may fail with this post (and falsely accuse it as fake) for the simple reason; it cannot cope with the URL I used above.
Hallowed be the memory of the Lost—
If you live in rented accommodation where the landlord or letting agent insists on doing inspections, try to time these inspections so that you are not working when they are in the property, so that they can’t overhear conversations or see what is on your screen.
Use a green screen or blank wall if using a webcam as the furniture helps to identify things that may be of value. Use services that support E2EE, such as mumble, in preference to those that dont
Always use a VPN – one of the first things you should do. It’s not a “bonus tip”.
Although, many businesses, at least in Australia, have been told all VPN users are criminals and are blocking them. It’s costing them sales to stop the allged one bad actor, but still I would recommend using a VPN always. If your business doesn’t have one set then use a public commercial on, but never a free VPN.
And of course, don’t use google services or products.
The use of VPNs for near everything is becoming a great problem, mainly because of the low speed and reduced stability of the image and sound while doing online streaming. And also we must consider the freezings and the lost signal issues, not a good idea for working seriously. Here at my class we are not allowed to use VPNs to connect to the signal broadcast. Just two things to add, a) the best browser to do remote work is Edge, unexpectedly, no single problem at all after more than one hundred online streaming (Chrome failed at least twice per week, Firefox did several freezings and lost connections with Teams). Safari for MacOS is even better than all of them.
2020 was an nice time doing pc formats..
Not like 2021, that was a bad time with the release of Windows 11.
Choose your spot wisely to limit what the camera can see.
Sit with your back to a blank wall or windows with closed blinds. If you don’t live alone make sure to use a spot where no one will need to walk behind you.
If your employer supplied the device, they can see and hear everything the device does if they so choose, don’t ever forget that.
Also always use an anonymous screen for your camera, and always disconnect your camera and microphone (unplug/USB) after use.
Not bad recommendations, the less the others can see, the better protection you have.