In the age of remote working, companies are unfortunately open to a never-ending chain of cybersecurity risks. Many employees are still struggling to adjust to the changes of working from home, and this leads to an increase in security errors.
During the height of the Coronavirus pandemic in April this year, cybersecurity company Tessian surveyed 1000 workers in the UK and 1000 workers in the US to compile its ‘Psychology of Human Error’ report which reveals how stress and distraction led to people making mistakes at work. The report exposes a worrying statistic, where nearly half of the employees (43%) say they are “very” or “pretty” certain they have made a mistake at work that had security repercussions for themselves or their company.
As much as we may have preferred working from home before the pandemic, practicing it daily may not be as easy a task for many, and comes with numerous security risks.
Here are some things you can do to keep your information safe while working remotely:
- Use strong passwords
This might seem like an obvious thing to do, but you might be surprised to know how many times people choose to use simple or easily identifiable passwords. Try to search for the most commonly used passwords, and you will see passwords like ‘qwerty’, ‘password’, ‘12345678’ and so on. According to an article on ZDNet, brute force attacks, also known as credential-stuffing attacks, are the go-to choice for hackers simply because it works - the attacks are successful due to the abundance of systems using default credentials or extremely common passwords.
- Implement Firewalls, Anti-virus software and Anti-malware
Keep your Firewalls, Anti-virus software and Anti-malware up to date on all your devices, not just your laptops, since many of us are prone to using our phones/tablets to check or answer to messages and emails from work. While Firewalls protect the website from vulnerabilities, Anti-virus software keeps away unwanted programs from your file system and Anti-malware scans your devices regularly to keep them malware free.
- Make use of Two-Factor Authentication (2FA)
2FA asks you for an added security detail, like a personal question or a PIN, apart from your username and password. In such a case, even if your primary credentials get stolen, it is unlikely that your security password or PIN could get stolen too, adding that extra layer of protection.
- Encrypt your data
It is imperative to have encryption software in place to protect your information. If your laptop gets lost or stolen, the encryption software bars sensitive data access to unauthorized users. Also make sure all your communications have end to end encryption, such as your emails or messages, which ensure only communicating parties the access to information.
- Use a secure internet connection
The worst thing you could probably do would be to use an unsecure internet connection like public Wi-Fi to do your work, especially when you’re dealing with confidential information. It is always better to use a personal Wi-Fi connection or hotspot. Even then, it is advisable to protect your PC, say with a Firewall, and make sure your traffic is encrypted.
- Use a Virtual Private Network
As an add on to the previous point, VPN is also a must for remote access applications. With a VPN, it is as though the computing devices are directly connected to the private network, ensuring that sensitive data is safely transmitted. It protects your online identity from public networks, and improves performance by increasing the bandwidth and efficiency of the network.
- Finally, make sure to double-check
According to the Psychology of Human Error report by Tessian, one in four employees (25%) say they have clicked on a phishing email at work, with nearly half of respondents (45%) citing distraction as the top reason for falling for a phishing scam, with 57% of workers admitting they’re more distracted when working from home. Another common mistake with cybersecurity repercussions is sending emails to the wrong person, and the majority of respondents (58%) said they have done this at work.
Going by these stats, it is better to double-check before and after you do something. Make sure the email id of person communicating with you is the correct one. Do not click on links in the email to enter sensitive information unless you know for sure the email is secure and from the right party. Cross-check your activities, and don’t leave your computer unattended. For instance, some people have a Bluetooth system in place, where the computer shuts off immediately if the user is not in range. By double-checking, you can decrease the chances of making a mistake or rectify one immediately even if you have made one.
Data security is as much the employee’s responsibility as it is the employer’s. While organizations endeavor to protect stakeholder’s information, it would be futile if the stakeholders were to make silly security mistakes. Hence, from our end, it is important that we take whatever measures we can to secure workplace data.