As an employee, how can you stay secure working remotely? As an IT admin, how can you encourage your end users to stay safe? In this post, we’ll hit some of the top things that you can do to keep yourself safe when working remotely.
Secure Remote Working For End Users
There are three major components to think about when trying to keep yourself secure while working outside the office.
The lynchpin of your security is your digital identity, which consists of your username and password. Make sure that it doesn’t get stolen or compromised. Make sure that your credentials are long, complex, and unique; they must ideally be a combination of words or a sentence, must include a mixture of different characters, must not be reused on multiple apps or websites, and not be something that bad actors can easily guess (like your last name or “password”). Additionally, be certain you have multi-factor authentication (MFA) enabled for your resources like applications and systems. The primary attack vector for any organization is compromised credentials, so make sure you’re taking the necessary precautions to protect your identity from bad actors.
Your username and password are the conduit to just about all of your IT resources. Make sure password changes are happening either on your machine — to avoid phishing — or you are directly navigating to a service’s website to change your password for that service. Try to never change it via an email request.
Second, make sure to secure your computing device. Your Mac®, Windows®, or Linux® system is your conduit to all your data and applications. Keeping it secure is critical, both physically and digitally.
From a physical standpoint, make sure that you keep a close eye on your machine and make sure that the disk is encrypted using FileVault or BitLocker. Your IT organization may have also enabled MFA for logging into your machine, which is always a good thing. Additionally, usually there is an icon on your desktop or in the start menu for you to check whether your machine is functioning properly and up-to-date. Make sure you have anti-virus/anti-malware installed on your system and that it is current so that you’re protected.
When you are working or even just browsing, make sure that you are careful about the sites that you are going to. Bad sites can easily download malicious code onto your machine. Try to stick with reputable sites, and when searching on Google pay attention to any warnings that the site may have malware. Your anti-virus software should help protect you as well, but good browsing hygiene helps a great deal.
Third, ensure that the network you use to access the internet and your IT resources is secure. Make sure to use a virtual private network (VPN) to encrypt your data when working in a public space. The keys here are knowing whether you control the network — i.e. the router and WiFi equipment — and have a reputable ISP. If you are in an untrusted network (café, airport, hotel lounge, etc.), we’d strongly suggest using a VPN. Using one ensures that bad actors cannot easily attain the sensitive information you’re currently working on.
There are many other areas that can potentially be expanded upon, but making sure that you are solid on these three will pay massive dividends and ensure that you are keeping both you and your organization secure.To learn more, you can check out our security essentials course to ensure you’re keeping a watchful eye on your identity, systems, and networks. If interested, you can read our blog on securing a home WiFi network.