The concept of remote work has been around for some time, and it’s only growing larger. More and more people are working from home each year, and the global COVID-19 pandemic has only sped up this trend. The benefits are clear. People don’t have to leave their homes – they can organise their time, work and avoid typical challenges with traditional employment. However, many people live in a bubble, thinking that working from home is completely safe.
As more and more businesses and individuals turn to online work, the percentage of cybercrime continues to go up. Most people think that only large businesses are exposed to cyberattacks, but this isn’t true. Anyone can get scammed or get their data stolen online. That’s why remote workers need to start taking the necessary steps towards securing themselves.
Remote working security tips
1. Don’t use public Wi-Fi
Working from home doesn’t strictly refer to working from home. Perhaps the better name for it would be working outside of the office. Why? Because some people prefer working from their home office while others enjoy working from a nearby park, library, restaurant, or even on the road. People who use public Wi-Fi to do work expose themselves and the companies they work for to cybersecurity risks.
The most dangerous public Wi-Fi attacks include man-in-the-middle, Evil Twin (WIFIPHISHER), AirCrack-NG, Passive Sniffing, and Cowpathy. These attacks enable hackers to get into your computer or company’s internal network, download, delete, or encrypt sensitive data, or take full control of your device and company’s server.
Public Wi-Fi is generally unsafe, and all the traffic you send or receive could be exposed to third parties. The repercussions of using it could be severe. What is the alternative? You can use your mobile data to do your work. Unlike public Wi-Fi, the internet connection through your carrier is encrypted and well-secured. However, if you have no other option but to use public Wi-Fi, the next tip will keep you safe.
2. Use a virtual private network
Once you set up your home office to your needs, you should start thinking about how secure your internet connection is. Falling victim to a cybersecurity attack or a phishing scam can set you back and even put your reputation at stake. There are many cybersecurity solutions to help you add additional layers of security. VPN emerges as the most versatile one, though.
VPN stands for a virtual private network. VPN is a service you can use to improve your online anonymity and security. It allows you to connect to the internet via a virtual network. You get to choose the location you want to appear to be connected from. VPN then assigns you a brand-new IP while hiding your true IP and location.
As an additional security measure, VPN uses industry-grade encryption protocols to scramble your traffic and make it unusable to anyone else but yourself. Due to its capabilities, VPN is a go-to solution for people who have to work on public Wi-Fi.
Now it may sound too technical for someone who never used it before, but in reality, it isn’t. According to WHSR, setting up a VPN and using it is fairly easy. The best thing about it is that you can use it on your dedicated work computer and smartphone to protect your data from cybercriminals.
3. Store data in the cloud
Our instinct is to store the data on local storage when working from home, be it a hard or thumb drive. While it is convenient, storing data on local storage comes with certain risks. The most obvious one is a failing drive. A drive can fail for various reasons, but the outcome is always the same – the data stored on it is most likely lost.
Then we have the revision history. Most software tools don’t have revision history, proving catastrophic if you want to restore the previous version. And finally, there are some types of cybersecurity attacks fatal for the data, such as ransomware and vishing or VoIP phishing.
We live in the era of cloud-native platforms. The offer of cloud storage solutions is enormous, making it very affordable. Cloud storage is far safer than local storage because it keeps its servers behind the best firewalls and antivirus tools, making it virtually impossible for hackers to get in.
Their servers are also secured from other hazards such as fire. The revision history has also become a standard feature in many cloud storage providers. Finally, they do regular backups as a contingency plan for unplanned events.
4. Learn to recognise phishing emails
Another common cybersecurity threat you should know about is phishing. Phishing attacks are often launched via phishing emails once the target clicks on the link. Phishing emails are emails that often impersonate legitimate organisations.
Their goal is to take advantage of the trust you have. Once you click on the link contained in the phishing email, you’ll be asked to provide some sensitive information, such as social security number, credit card info, and password.
At first glance, these emails appear real, but if you know where and what to look for, you can easily tell that it’s a scam. These emails usually feature a legit subject line and a story tailored to trick you into clicking a link and giving your data. Here’s how you can recognise phishing emails:
- Check if the domain is a public one – companies will never use public domains for business;
- Carefully inspect the email address – scammers often use misspelt domain names to play the credibility card;
- Poor spelling and grammar are common indicators of phishing emails;
- Mouse over the link in the email. If it doesn’t match the domain name of the company, it’s a scam;
- If a message creates a sense of urgency, it’s usually an indicator of foul play.
They usually offer free stuff, inform you that you need to make an urgent payment, or initiate a personal information confirmation process with your bank or other service providers. The most efficient way to protect yourself from phishing scams is never to open an email or click on a link that appears suspicious.
5. Protect your video conferences
The need for streamlined communications has spiked due to the remote work trend, and many business communication platforms such as RingCentral have suddenly become immensely popular. The same applies to commercial communication platforms such as Zoom.
Thanks to new technologies, you can now directly speak with your co-workers and managers and participate in live meetings. Video conferences make communication more efficient than text-based chat. They have become a big part of remote work and need to be protected as well.
There are several ways to protect your online meetings. Some of them we’ve already covered, such as using VPN. Video conferences are not encrypted, and VPN can help you encrypt your communication and keep eavesdroppers at bay.
6. Update software regularly
You probably use dozens of software tools on a day-to-day basis, forgetting that the devs who create these tools don’t always do a perfect job. All the tools, applications, and operating systems you use have security vulnerabilities that are “fixed” with regular updates.
Most of these tools have support for the automatic update feature. You can quickly patch the bugs and backdoors hackers can use with these updates. Go to settings in the apps you frequently use and enable it. It applies both to your computer and smartphone.
Smartphones are more straightforward when it comes to software update management. You can conveniently set the updates to trigger whenever you plug your phone to charge automatically. Some updates will require you to reset your device. Ensure to do so because you can only fix some bug fixes and security vulnerabilities after a complete restart.
7. Backup your site
If you are one of those remote workers in charge of a company’s or personal website management, you should pay attention to its security too. Something as simple as an outdated plugin can make your website vulnerable to attacks.
If you have your own site, you need to secure the data on it. The most important thing to do is have a contingency plan, and every contingency plan starts with website backup. Make sure to do it regularly so that you can restore your website if something unforeseen happens.
There are several things you can do to improve your website security. If you are using a CMS platform such as WordPress and Joomla, regularly update your CMS and plugins. The updates often contain bug and security fixes and help prevent hackers from exploiting any issues and gaining access to your website.
Your host’s security practices are also an important factor in keeping your website safe – you can even consider moving to a new hosting provider with better security measures. You stand to gain a lot from more secure web hosting, including:
- Regular security updates fix the security vulnerability issues and keep your site safe;
- Regular backups of your website;
- Real-time website monitoring for any suspicious activity;
- Your website will be stored in a private data centre with all the redundant protection measures to keep it intact;
- Secure hosting delivers an SSL certificate to protect your visitors’ sensitive data;
- The secure version of the File Transfer Protocol (SFTP) will enable you to upload files to your account safely.
8. Invest in anti-virus software
Anti-virus software has gone a long way, from protecting users only from viruses to complex cloud-based security solutions. Modern anti-virus tools can protect you from several cybersecurity threats ranging from adware and spyware to bots, viruses, and ransomware. Since you are doing your work online, anti-virus software is a must.
The latest anti-virus solutions provide umbrella-like protection. They will divert you from suspicious websites, prevent malicious website scripts from executing, and keep your device virus-free.
The heading of this section implies that you need to spend some cash on anti-virus software, but if you want to test it before buying, there are plenty of free anti-virus tools from top companies. If the basic features provide all the protection you need, you can stick with a free version for as long as you want.
9. Use two-factor authentication
Your username and password make the first layer of security for all your online accounts. However, since hackers deploy various methods to brute-force access to targets’ accounts, you should consider adding a layer. The solution you should consider using is two-factor authentication.
Two-factor authentication is a security measure that ensures you are the owner of the account you are trying to log into. Two-factor authentication uses SMS, email, or in-software confirmations to verify your identity. Please enable it on all your online accounts to improve security and thwart malicious login attempts.
10. Create strong passwords
Even though it might seem like an obvious thing to do, many people still don’t care about their passwords. With so many online accounts, one can easily lose track of all the passwords, so many people use the same simple password across different accounts. That’s a big no-no.
There are thousands of bots online trying to log into people’s accounts online. If you choose a simple password, your accounts are at risk.
It would be best if you had a unique and strong password for every account. A strong password should contain at least eight characters, caps letters, numbers, and special characters – some cybersecurity experts advise bringing the number of characters up to 12.
You can streamline the creation of strong passwords with password management tools such as Myki Password Manager & Authenticator, LogMeOnce Password Management Suite, Bitwarden, and PassHub. Most of them are free, and they get the job done. These tools will help you generate strong random passwords, encrypt, and store them for you.
11. Use your device for work only
If you want to bring up your cybersecurity game to the next level, consider using one of your devices exclusively for work. If you use your working device to surf the web and play games, you could potentially expose sensitive data.
You can accidentally pick up a worm on a random website or expose yourself to adware. If you use one device for work, you’ll significantly reduce the risks involved in spending time online. You’ll only have the software toolkit required for work installed, which translates into streamlined updating.
Not to mention the increase in productivity as you will no longer use your device to scroll social media, read news, or do whatever you do to get your mind off work for a “couple of minutes”.
The cybersecurity landscape is quite dynamic, and there is nothing you can do to be 100% safe. The best thing you can do is to follow the latest cybersecurity tips. The additional security layers will keep you safe as you complete your tasks at home.
Given that the new cyber threats emerge regularly, you should also consider staying tuned to relevant news portals and blogs in the niche. Keeping your data safe is an ongoing project, and its success depends on your commitment and discipline.
Get details on the security and trust built into RingCentral products and services.Download the white paper
Originally published May 26, 2021, updated Jan 16, 2023