“Work From Home, The Goals are Simple: Safety and Security”
Keep your computer protected like you protect yourself:
Most companies invest greatly on security infrastructure in the form of
- Next Gen Firewalls for network layer protection and intrusion detection.
- Endpoint Security on servers, desktops and laptops to protect from viruses, trojans and malware.
- Agent software that locks down infected devices, data loss prevention rules that prevents confidential data from leaving corporate machines and so on.
At home, it is quite hard to provide that level of protection, but leaving a computer vulnerable when there is corporate data stored in it renders a huge risk, because if they get stolen or destroyed, it’ll be your neck on the chopping block.
To prevent anything like that from happening, it is vital that you make sure of the following:
Every day before connecting to the corporate VPN, you should make sure to check that the antivirus software is running. You can see the respective icon on the taskbar if its loaded and working.
The VPN connection should be terminated once your work has been completed, else it leaves an easy unprotected path for any malicious traffic to cross over to your corporate network.
Visiting sites providing free movies and shows (Putlocker,GoMovies etc) brings another big risk to the table as these are loaded with malware which could be embedded with zero day vulnerabilities that your corporate AV hasn’t been updated to protect yet. So avoid checking into these sites on your corporate laptop.
Keep Windows updated as you don’t have a corporate Windows Update Server doing all the hard work for you anymore.
Protecting the computer itself won’t help if an attacker connects to your Wi-Fi or takes up residence inside your router. Anyone who does that can intercept everything you send or enter online, including passwords for remote access or corporate mail. Therefore, it is imperative to secure your wireless network with a minimum of WPA2 encryption and a strong password.
When it comes to passwords, we all know the Golden Rule:
“Passwords are like underwear: Change it very often and don’t share it with strangers.”
Use corporate services for e-mail, messaging, and all other work
Your company most likely has a set of IT services that employees use, such as Microsoft Office 365, Sharepoint, a corporate messenger like Teams or Slack. Those tools are secured by the IT team but from the security guy’s perspective, “The weakest link in the chain is the User”.
Don’t be that “User” as sometimes a malicious — and highly convincing — message can sneak into corporate mail. This is especially relevant to working remotely, because the amount of digital communications increases sharply when people aren’t in office. Therefore, read messages carefully and don’t rush to respond to them. If someone urgently needs an important document or demands immediate payment of an invoice, double-check the someone is who they claim to be. Don’t be afraid to call the other party for clarification, or confirm the action one more time with your boss.
Last but not least, don’t neglect your health and well-being. If you work on a laptop, lounging on the couch with it might seem like a great idea. But your back won’t thank you in the long run, so try to find yourself a desk and a comfortable office-type chair.
Make sure the room is well-lit. If the lighting is poor, use a lamp to prevent eye strain. And don’t forget the health basics: periodically stand up, stretch your legs, drink water, get plenty of sleep, and don’t skip meals.