Cybersecure Your Home Office - SwiftTech Solutions

Professionals are working from home at an increasing rate, whether it is one to two times a week or full-time. According to a FlexJobs.com report, 3.9 million U.S. employees, or 2.9% of the total U.S. workforce, work from home at least half of the time, up from 1.8 million in 2005.

What are the benefits of working from home?

Employers include this benefit to attract workers and retain them long-term. For employees, working from home has a variety of benefits such as:
• Saving money and frustration from not driving through rush hour traffic
• Allowing them to continue working in case of a mishap, such as a vehicle breakdown or inclement weather
• Accessing a work area free from typical office distractions, such as water cooler gossip and unwanted interruptions
• The convenience to schedule errands during standard business hours, such as doctor’s appointments, without using paid time off hours
• The flexibility to work outside of business hours. For example, employees can take full advantage of their most productive hours of the day or respond quickly to a client’s emergency

What are the cybersecurity risks of working from home?

Unfortunately, home offices typically do not follow the same basic cybersecurity best practices as a business network. These users are more vulnerable to a cyber-attack in these areas:

Networks: Coworkers must share confidential data through internet channels. They would transmit this information from a protected business network to a potentially unsafe home version. Home users may leave default usernames and passwords on their network routers, making it easier for hackers to join the network and access confidential data.
Devices: Many of these workers access their work from a non-IT-protected device like a personal laptop, tablet, or smartphone. These people might have out-of-date or even out-of-support operating systems on their devices. Also, many do not scan their devices with antivirus software consistently or even at all. Furthermore, these users may leave their network file-sharing settings so that people on the same Wi-Fi signals (including hackers) can get access to their files. They may even let non-employees borrow their computer for personal use.
User practices: Home users may also be using unsafe habits, such as clicking on email links and attachments without checking their contents. They may also create easy-to-guess passwords and use them across different accounts. Moreover, a scammer may convince the worker to provide confidential information and remote access to their computer.

How can you cyber-secure your home office?

Network

Install firewalls on network routers and computing devices.
Use a company VPN (Virtual Private Network), especially when working with sensitive information
Change the name and password on your router. When you leave on the default name, such as “Linksys,” a hacker gets a clue about the type of router you have. Afterward, they can look up commonly used passwords associated with the device.
Activate encryption on your Wi-Fi network. The most used standard is WPA2 (Wi-Fi Protected Access 2) encryption with AES (Advanced Encryption Standard).
Disable remote access to your router’s admin panel. This prevents hackers from accessing your router from outside the Wi-Fi network.
Keep the router’s software up to date.
Turn off your Wi-Fi signal and internet-connected devices if the entire household will be away for an extended period.
Limit access to your Wi-Fi password to people you know and trust. Do not give it out to someone who is performing a service at your home. Change the password at least once a month.
Create a dedicated guest Wi-Fi network if your household gets frequent visitors.

Devices

Scan devices with antivirus software weekly. The program should also scan any USB or external devices that you plug in.
Use operating systems still supported by the manufacturer. For example, Microsoft is no longer supporting Windows XP, Vista, and 7.
Keep the software on any Wi-Fi-enabled device up to date. Also, uninstall software you will no longer be using.
Turn off Wi-Fi sharing on your devices so other people will not have access to your work files.
Disable auto-connecting to open Wi-Fi networks. This is to make sure you do not accidentally connect to unsecured neighboring networks.
Do not let non-employees borrow your devices. Let them know you must follow your employer’s security policy.
Encrypt your devices to protect confidential data in case of loss or theft.
Whenever possible, work on documents on a secure cloud application, rather than directly on your device. One example of this is our DigitalWorkspaces™ service, which combines a virtual desktop, published apps, cloud storage, and collaboration.
Backup devices on an onsite drive, at a data center, and to the cloud. SwiftTech can provide these features in our Backup as a Service.

User Practices

Watch out for signs of a phishing email, including odd sender addresses, generic greetings, misspellings, and improper grammar. Also, be careful with clicking on email links and attachments from senders you do not know.
Use safe password management practices. Create passwords with a mix of capital and lower-case letters, numbers, and symbols. Also, use different passwords for each online account and store them on a password manager.
Watch out for unsolicited requests for confidential information or to access your computer. Instead, follow up with the company using the information on their official website. If you are in doubt, you can contact our help desk at 877-794-3811.
Create a Policies and Procedures document to specify how employees should access company technology resources.
Require employees to participate in periodic cybersecurity training including online tutorial sessions and phishing email simulations.

If you need help with setting up the above security measures, we recommend our Security as a Service. It provides web security, email security, enterprise anti-virus/anti-malware protection, ransomware protection, intrusion prevention, and security monitoring. For more information about Security as a Service, you can contact us at 877-794-3811 or info@swifttechsolutions.com.

SOURCES
U.S. Department of Homeland Security. Home Network Security. (2015, December 15). Retrieved from: https://www.us-cert.gov/ncas/tips/ST15-002
Bayern, M. Working from home: 5 hidden downsides no one talks about. (2018, June 19). Retrieved from: https://www.techrepublic.com/article/working-from-home-5-hidden-downsides-no-one-talks-about/
Gredler, C. Cybersecurity Tips for Working Remotely. (2016, September 16). Retrieved from: https://www.csid.com/2016/09/working-remotely-perk-cybersecurity-threat/
StaySafeOnline. Cybersecuring Your Home Office or Home-Based Business – CyberSecure My Business™ Webinar. Retrieved from: https://staysafeonline.org/resource/securing-your-home-office-business-webinar/
Hoelscher, P. Cyber security and remote working: What are the risks and how can you mitigate them? (2018, August 7). Retrieved from: https://www.comparitech.com/blog/information-security/security-remote-working/

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.