Work-from-home benefits and challenges extend to work-from-travel occasions! Access corporate networks and systems with 8 cybersecurity best practices.
Today’s read is a feature written by Joe Coleman, cybersecurity officer at Bluestreak Consulting™. This column is in Heat Treat Today’s June 2023 Heat Treat Buyers Guide print edition.
Introduction
In this eighth Cybersecurity Desk installment, understand the benefits and challenges associated with working from home or accessing corporate networks and systems while traveling.
Why Are So Many People Working from Home?
The COVID pandemic forced many companies to adapt to remote working and work-from-home (WFH)
policies. Even though these policies have provided employees with more flexibility, they have also highlighted cyber risks that companies must consider. As of March 2022, work-from-home and working remotely have increased by 238% compared to pre-pandemic numbers. Although that number has reduced somewhat recently, it has changed the way companies operate and view WFH.
Several benefits of WFH include:
- Increased employee retention and productivity
- Reduced distractions and interruptions by coworkers
- Reduced company overhead costs
- Increased family time by eliminating commute
One of the first challenges most companies face when shifting to a WFH model is ensuring every employee has high-speed internet access. Most employees will use home Wi-Fi network or cell phone/wireless carrier as an internet “hot spot.” The first common sense rule of thumb is always try to avoid public Wi-Fi and public charging stations. Any way you choose to access high-speed internet, it must be secure. By now, most companies should have WFH or remote work policies and procedures in place, with employee awareness and training, because they MUST be followed to reduce cybersecurity risks.
Cybersecurity Best-Practices for Securing Remote Workers
If your company has employees that work from home and you’re wondering what cybersecurity measures you should put in place, here are some best practices to help you:
- Secure your work sessions: Using a single room that has a door that can lock is the ideal situation when possible. Many WFH employees are either sitting at their kitchen table or in the living room. In those cases, make sure to have your monitor facing a wall to prevent family or guests from viewing your work session and lock your computer when you’re away.
- Separate your home and business networks: Separate your Wi-Fi network so company-approved devices will be separate. Even better, use a secure network and a company-issued Virtual Private Network (VPN) to access your business accounts. You can also use BeyondTrust for secure remote access. Home routers should always be updated to the current software version when it becomes available.
- Separate work and personal devices: When accessing your corporate network, only use company-approved devices. Unless your company allows Bring-Your-Own-Device (BYOD), never use an unapproved device to access your company network.
- Think before you click: Hackers use phishing and other social engineering methods to target employees with legitimate-looking emails and social media messages. These can trick users into providing confidential data, such as usernames, passwords, credit card numbers, social security numbers, account numbers, etc. SLOW DOWN.
Don’t click on links sent from an unknown or untrusted source. Resist the urge to click links in a suspicious email. You can hold your cursor over a link, and it will show you (in the bottom left corner of your screen) the website that it will go to if you click on it. If it’s an unknown or suspicious site, DO NOT click on it. - Click the Image TO Download More Than 350 Cybersecurity AcronymsAntivirus with real-time scanning: Antivirus software detects the presence of malware on your computer. A dynamic scanning feature repeatedly checks for computer infiltration by a malicious threat. Always keep your antivirus up to date and active.
- Update programs, applications, and operating systems: Vulnerabilities in applications and operating systems are continually being found and exploited. Cybercriminals often use these vulnerabilities to exploit data and infiltrate devices and networks. Application vulnerabilities are a cybersecurity challenge of remote working. Make sure you are regularly performing updates as they are released.
- Use 2-Factor Authentication (2FA) or Multi-Factor Authentication (MFA): If you’re not using 2FA or MFA, you are NOT secure. You should use 2FA or MFA wherever it’s available. Your company should have this requirement in its policies and procedures.
- Use strong PINs/passwords on your devices: Strong passwords should contain a good mixture of upper/ lowercase letters, numbers, and symbols (or special characters). Passwords should also not be based on dictionary words and should contain at least twelve characters (the longer the better). Never use the same password for multiple accounts and use a password generator and a password manager.
About the Author:
Joe Coleman is the cybersecurity officer at Bluestreak Consulting™, which is a division of Bluestreak | Bright AM™. Joe has over 35 years of diverse manufacturing and engineering experience. His background includes extensive training in cybersecurity, a career as a machinist, machining manager, and an early additive manufacturing (AM) pioneer. Contact Joe at joe.coleman@go-throughput.com.