Secure Your Data While Working from Home
In these strange times, many businesses are having to adapt to remote work for the first time. Now that we’re a couple weeks into this new normal, hopefully you’ve figured out processes for getting the mail, collaborating with team members, and coordinating to get documents signed and notarized. Maybe you’re starting to settle into the reality of an all-remote, all the time, workforce.
If so, don’t forget to address one more desperately important issue that may have been overlooked in the chaos of these last few weeks: system security.
Security Basics
Since the start of Covid-19, phishing and cyber crime have increased exponentially. Bad actors may target your systems for a number of reasons- to steal data, to damage company operations or reputation, or even to hijack your computers for use in an attack on someone else. Hopefully you have a cybersecurity policy and an incident response plan in place to mitigate and respond to those risks.
However, the new work from home setup may be creating new weak spots for hackers to exploit. Here are some simple steps to keep your remote workplace secure:
1. Secure Home WiFi Systems
Hackers can break into an employee computer using their home WiFi network. Make sure all your WFH employees have:
- Changed the default password for their router to something secure (we recommend using a secure password generator), and
- Changed the default name of their WiFi network.
2. Use a VPN
A Virtual Private Network is a secure way to access the internet. It encrypts data so that even if a bad actor intercepts your wifi signal, they’re less likely to be able to actually see any information that you’re sending or receiving over the internet. This is particularly useful when using public WiFi networks, such as at a coffee shop, but having employees use it when working from home means you don’t have to be as worried about their home WiFi security.
3. Vet New Software
Vet any software you’re using for remote collaboration, like Zoom or Skype, to make sure the providers don’t monitor or record your conversations and that they themselves have adequate security. If a hacker breaks into the software provider, they’ll have an open lane into your computers as well.
4. Limit Access
When transitioning to WFH, you may have shared remote files with all employees. Now’s the time to go in and claw back access to folders that employees don’t need. Each employee should only have access to the files they absolutely need to do their work. That way, if one computer does get compromised, the hacker only has access to some of your company’s information- not all of it.
5. Warn Employees
Make sure employees are on guard against phishing attacks. The FTC provides a useful guide on avoiding phishing attacks here. If you’re a Promise Legal client, you may also be eligible for some free vulnerability testing and monitoring to help gauge your level of risk.
Don’t have a cybersecurity policy yet? Consider the benefits of being prepared.