Cybersecurity Tips for Remote Workers

Why Cybersecurity Matters for Remote Workers

We live in a World where criminals, often hacking from a distance, damage and destroy even large, successful companies. Keeping hackers out of corporate networks was always a priority. But during the past few years as many of us shifted to working from home, keeping hackers out of company networks became more difficult. Many companies weren’t prepared for the sudden shift to remote work caused by the COVID-19 pandemic. And even now many organizations are still playing catch-up to improve their security as they adjust to this new reality.

For a typical remote worker, what’s our responsibility? Isn’t it up to the employer to create strong and resilient systems? After all, most of us aren’t technical in that sense.

You wouldn’t expect the marketing team to defend the company’s core legal issues in a courtroom, and nobody expects the cleaning crew to promptly pay the company’s invoices. Work is specialized now more than ever, and each worker’s responsibilities are different. But thinking it’s not my job will provide only cold comfort if your employer is truly damaged by an avoidable attack.

Keeping our employer’s networks and systems safe is a shared responsibility.

Here’s what we can do while working remotely:

1: Use strong, unique, Modern Passwords whenever it’s practical.

Long, complex passwords are generally considered to be the strongest available, but they’re also very difficult for most people to type. If you have to enter your work password(s) manually, these uber-strong randomly generated passwords may not be the best option. Generally speaking, make your passwords as complex as possible while still practical.

2: Use a Password Manager if your company allows or provides it.

The simplest solution is to use a company-provided Password Manager to create, remember, and type your passwords. It’s like outsourcing the whole password problem to a trusted assistant. If you deal with many passwords daily, it’s a game changer!

3: Use Multifactor Authentication (MFA) for every company system/account that offers it.

Because of large-scale implementations, we know the strongest forms of MFA are outrageously effective.

4: Use your company’s provided Virtual Private Network (VPN) to access company systems.

Commercial VPNs like Global Protect, Any Connect and Zscaler Private Access are used by employers to create a safe, secure connection from your location at home or on the road to company systems. Often companies make VPN use mandatory to access systems, and sometimes it’s optional. If you have the option, take it!

5: Install updates often.

It’s certainly true that software updates, system updates, and Windows updates can become irritating, especially if they get in the way of actually doing your job. But they’re important because these updates often include security improvements for known problems. You can set the updates to run at the end of day, and let them “cook” while you’re enjoying happy hour with your coworkers.

6: Completely separate personal computer use from company use.

Using company laptops to check personal email has led to many painful security incidents. And depending on the state you live in, your employer may have the right to read everything you type, and know about everything you do on that company laptop. Your personal emails or social media posts may not stay “personal.” It’s best to keep company work on your company laptop and surf/shop/check social media on your personal laptop.

7: Beware of phishing.

These hacking attempts often show up as communications from coworkers or vendors that seem “odd” or somehow “off.” They usually include some element of urgency, and often request your login details. Or they ask for sensitive company information or for changes regarding payments or wire transfers. If you receive an odd-sounding request, try to verify the request is legit by using a different channel. If the request comes through Slack, try emailing your coworker. If you receive a questionable email, try calling or texting the sender to verify if the request is genuine. If you’re in-office, why not go “old school” and walk over to their office and ask?

8: Don’t download random software or browser extensions onto your company laptop.

These often include malware or hidden tracking scripts. And random downloads often lead to hacking attempts.

9: Secure your home network.

Many security experts recommend strengthening your home Wi-Fi router by changing the default IP address, changing the default login credentials, and updating the firmware.

10: If you use public Wi-Fi for work, always connect using the company VPN.

Some security experts advise against using public Wi-Fi at all, but over the years Wi-Fi has become more secure. Even so, I’d never use public Wi-Fi to conduct any banking or other financial business.

11: If you make a mistake, or think you did, report it quickly.

Time is often a critical component in dealing with security problems. If you click on a phishing email or accidentally lose a company device, take a deep breath and then quickly report the situation.

12: Don’t leave company laptops or other devices unattended.

It’s not at all unusual for unattended laptops to “disappear” when left all alone, shivering in the cold. An opportunistic thief can simply grab your company laptop and walk away. It happens often enough to be a real concern.

13: Lock your laptop or other devices when you walk away from them.

This is a great habit to create. Just press the Windows key and L. On your Mac, choose Apple menu > Lock Screen. If your plans for the day lead you to work in a public space, or if you’re working from home and need to keep company information confidential, then it’s really important to keep your company device secure. Locking your devices will keep out both the mildly curious and truly criminal.

14: Use a privacy screen.

These laptop add-ons are fairly inexpensive and they help keep snoopy people from seeing what’s on your screen while working remotely. It’s easy to forget that everyone walking past us or behind us can see what’s displayed on our laptop. Adding a privacy screen is a simple, once-and-done option that offers some helpful protection.

BONUS: If your company offers it, join their Cyber Champions Program.

These are offered at many larger employers, and provide training opportunities which can equip you to be a more aware and safer employee. And your mastery of The Basics will help protect your personal online experience, too. If your company doesn’t have one yet, why not start one!

Use These Remote Work Cybersecurity Tips to Stay Safe Online

Don’t be overwhelmed by all these suggestions. Think of them more as options on a tasty menu. You get to choose which one(s) sound most appealing. As you accomplish each one, give yourself a pat on the back and celebrate what you’ve done!

Join us

Weekly resources to help keep you safer online — protecting you from hackers, online scammers, and other Digital Kleptomaniacs™.

No spam. No selling your email. Just factual, actionable information once a week, from people who truly care about online security.  You can unsubscribe any time — but we hope you’ll want to stay with us on this journey.

Cybersecurity is a modern form of wealth, and you deserve to keep what you've earned.

Looking forward to connecting again next week.

— Anthony Collette

Digital Kleptos™