Critical Security Considerations For Remote Work

News March 19, 2020

The global pandemic is making it increasingly unsafe and unwise to gather in closed environments. The recommendation coming from several world health organizations is to practice social distancing. In this scenario, going to a workplace is no longer necessarily recommended. Many workplaces are asking people to work from home.

Cybersecurity experts recommend the following approaches for safely working remotely:

  • Watch out for Phishing attacks that take advantage of COVID-19
    • Avoid personal email for work
    • Don’t reply: Legitimate companies don’t ask for personal details like names and addresses and credit card numbers over email.
    • Don’t open files or click links! Instead, hover your mouse over the link in the email, and you should see the full URL of where the link actually goes.
  • Be aware of who might be listening to your conversations. If you’re speaking about sensitive personal data, then move to a private area.
  • Don’t trust the WiFi: One-third of remote workers admit to using an unsecured wireless network, putting their data at risk.
    • Don’t send or open secure data over public WiFi in an airport, coffee shop, neighbors WiFi, or any open “free WiFi”.
    • Don’t let anyone else plug in USB devices into your computer, not even if they just need to charge their device.
    • Turn it off: When you aren’t using a device, turn off the WiFi and Bluetooth connectivity.
    • Use company VPN if available
    • Get up and move if you feel uncomfortable in a public space, it is perfectly OK!
  • Check with your IT before start using collaboration apps/ services
  • Don’t share work files using personal cloud storage accounts on GDrive, Dropbox, OneDrive, etc.
  • If you use personal devices, limit work-files to one folder.
    • Delete it once you transfer the files
  • Make sure your device has all necessary updates, such as operating system updates (like iOS or Android) and software/antivirus updates
  • Use two-factor authentication if possible
  • Lock your device if you do have to leave it unattended for any reason

This is a contribution from Ernest Staats. He is a Cybersecurity expert who works as a contractor with the General Conference of Seventh-day Adventist Church on Data Privacy.

@NetworkPaladin