How to Work-From-Home Securely

Updated: Jun 18

COVID-19 has indeed turned what used to be our “normal”, one eighty! And in response to this pandemic, everyone had been suddenly and abruptly forced to work remotely. No transition or preparation period whatsoever. But while many employees might be currently enjoying the luxuries of working from home – sleeping that extra hour in the morning, not having to dress up for work, finally having the time to exercise after work, not having to squeeze like sardines in the packed train – their company’s IT department might just be sweating profusely in their seats!

And it is not because of the Singapore weather or the absence of air-conditioning at home either, but it is because that now, instead of having all their employees working in a confined and “network protected” office environment – with an anti-virus software installed on all work desktops, a secure VPN and secured data storage – their employees are now working from each of their individual homes. This means that companies are now widening their exposure to potential threats, and cracks can quickly appear in your business’ protection.

Let’s face it, this is uncharted territory. It’s one thing to support a handful of remote workers — salespeople who are constantly on the road, key executives who need access from anywhere, etc. — but transitioning every single employee to a remote setup and actively supporting them all at once is a different ball game altogether.

And of course, this isn’t just a challenge faced by one company. Instead, businesses everywhere are in the exact same boat – scrambling in their seats to ensure that the majority (or entirety) of their workforce can work securely from home.

Fortunately for you, the tools you need to solve this challenge already exist. But first and foremost, let’s set things straight.

There are four main areas of concern when it comes to cybersecurity at home – your devices, your wireless network, your communications, and your company’s data.

So here’s how you can secure them while working from home:

PART 1: SECURING YOUR DEVICES

Separate Work Devices from Other Home Devices

Let’s say this together, “If it’s not secure, there’s no point in having it”. Ok, now one more time.

“If it’s not secure, there’s no point in having it”.

Here’s what I’m getting at. Do not use your own personal laptop for work purposes if it’s possible. Companies should thus supply their employees with the approved devices for work purposes only. This is very important for security reasons, and a great way to immediately minimize a company’s risks to their business, to protect it from malware or ransomware.

Use Current Antivirus/Anti-Malware Software

The most important issue of working from home is the security of the devices used for accessing the company’s database. If a company does not have the financial means of supplying each individual employee with their own work laptop or devices, it is then extremely crucial to ask them to secure their own personal devices. This can be done so with an updated version of antivirus software, along with Firewall, which can boost the device security and minimize the chances of a cyber-attack.

But remember, it is also vital to ensure that your employees’ Antivirus software is always up-to-date! This is to catch any new types of malware (called “zero-day”), which are so new that they haven’t been catalogued in any threat database yet! To catch these, you will need to have the current antivirus program – one that includes AI and machine learning to detect behavioral anomalies.

And if money’s too tight, install a free antivirus. Even one at no cost will significantly reduce the risk of getting infected — and landing in big trouble with the boss.

Keep Devices Updated & Patched

Like the Antivirus software, it is also equally important to keep one’s devices updated and patched.

Let me give you the reality. Did you know that 60% of data breaches involve unpatched system vulnerabilities?

In fact, there are many cases where a data breach happened because a patch that had been issued months earlier, went unapplied. Why? Because here’s the thing. New vulnerabilities are forever being found in applications and operating systems. And hackers just can’t resist exploiting them to infiltrate other people’s devices. Often, they rely on people being too lazy to update their software, to do so.

Hence, a vital component of good device security is keeping one’s computer and devices updated. These updates often involve crucial security patches to address newly exploited vulnerabilities.

It is thus important to remind employees to regularly update their software, operating system, and firmware updates to the latest version supported under the company’s security policy. To update these in a timely manner, encourage them to activate automatic updating on all their devices.

Use Two-Factor or Multi-Factor Authentication

Two-factor or multi-factor authentication is a very effective way in securing one’s online accounts, and deter any unauthorized users from accessing your company’s network.

A multi-factor authentication could be a combination of the following:

  1. Something known to the user (user ID, PIN, or a secret question)

  2. Security key, token or card that the user possesses physically or can be sent to the registered mobile number of the user

  3. Biometric identification (if supported by the user’s device)

However, in most cases, biometric identification is far-fetched for those working from home. Therefore, two-factor authentication, or a combination of user ID along with a one-time-password (OTP) sent to the user’s personal registered number, is usually used as the hallmark of security.

PART 2: SECURING YOUR NETWORK

Separate your Work Wi-Fi

Now, if your company is not able to provide each employee with their own individual laptops, another way to safeguard one’s devices and improve one’s home network security is to separate sensitive work devices from higher-risk devices by keeping work devices on one network and everything else on the other one.

Often, other devices can be a higher risk for a breach (such as a teen’s gaming computer). Hackers often try to discover and hack other devices connected to the same wireless network once they get into one of them. By setting up a guest or separate network on your router, you’ll be creating an additional Wi-Fi network that can be used for internet connection.

Configure Wi-Fi Encryption

Protecting one’s devices won’t help if an attacker manages to connect to one’s Wi-Fi or take up residence inside one’s router. Anyone who does that can intercept everything you send or enter online, including passwords for remote access to an office-based computer or corporate mail. Therefore, it is imperative to configure your network connection correctly.

First, make sure that the connection is encrypted to keep information safe from prying eyes. If your Wi-Fi asks anyone connecting to it for a password, the connection is encrypted.

Change your router login and password

But having a password is one