Common Sense Security While Working From Home

April 14, 2020

By Kevin Brady

Working from home (WFH) seems straightforward from a security standpoint for many of us. Wake up, shower (or not), get dressed (or stay in pajamas), walk all the way to your “office” (your computer at your kitchen island, table, a desk, or on the couch), power on and away we go! But there are layers of security that exist while in an office that we may be taking for granted in our new normal.

Here are a handful of things to consider:

  1. Wi-Fi: Most have a router provided by our Internet Service Provider, like Verizon FIOS or Optimum Online. Those routers are delivered with a “Default” network name and a password that’s written on the router. Very few of us change the network name and default password to something unique to us. It is important to take steps to secure in-home Wi-Fi by choosing a unique network name and a strong password that is only known by members of the respective household.
  2. Virtual Private Network (VPN): It is important for people to check with their workplace to ensure they are utilizing a VPN. A VPN creates a secure connection from a home network to a corporate network, which provides a layer of protection for any activity done over the web. Without it, employees are unable to take advantage of the various security configurations set up by a company’s information technology department, which can leave data exposed to hackers or malicious actors.
  3. Consider Physical Security: Depending what type of work done, data may become exposed to family members, landscapers, or other people passing by the work area. It could also be exposed to a spouse or child using virtual meetings for work or school. Therefore, it is important to ensure that sensitive documents are stored securely and that data on a workstation is not visible to others, whether by walking by or by seeing it in the background of someone else’s virtual meeting.
  4. Be Smart: Phishing attempts are skyrocketing. Hackers are taking advantage of the fact that many people are outside of their normal routine. Email attempts and phone attempts (phishing and vishing) are increasing to exploit vulnerabilities. As always, it is important to take precautions before clicking on links and ensure that the source of an email sent is valid before opening attachments. Shred sensitive or confidential documents. Don’t leave devices out or in the car.
  5. Connect with other Employees: Carve out time to reconnect with other coworkers. Create “virtual watercooler” or “virtual happy hour” meetings throughout the day using Webex or similarly secure virtual meeting applications. This will allow “face to face” discussions as opposed to doing everything over email or messenger.
About Kevin Brady

Kevin Brady is a Senior Manager in Process Risk and Technology Solutions with advisory, audit, and compliance experience including public accounting and private industry, and IT audit and risk services to clients in various sectors.