The new normal: Securing your work-from-home environment

LAST EDITED:
PUBLISHED:

Read more about some simple but effective tips for helping you and your workforce protect your digital assets while working outside the security of your office.

Your office is a fortress. You protect it with firewalls, anti-virus, backup power supplies, corporate policies, and a team of dedicated IT security professionals. These same layers of security and personnel in place at work are (most likely) not present in your home. 

With more companies issuing indefinite work-from-home orders, we seem to have entered a new normal. Although working from home has its benefits, it also increases your exposure to a cyber attack. The threat landscape now extends to your home network. 

The following are some simple but effective tips for helping you and your workforce protect your digital assets while working outside the security of your office. 

Securing Your Network Connection

Your home router is the gateway to the outside world for all of your connected devices—laptops, mobile phones, smart TVs, AI assistants, etc.  Everything you own that is connected to the Internet is a potential point of entry for attackers. Are you aware of how many devices are connected to your network right now? Is your router secure? What’s the worst that could happen if it isn’t?

For starters, unauthorised users can disable your router’s security and begin stealing personal information without you knowing. BotNet attacks can hijack an unsecured router to saturate your bandwidth and launch subsequent attacks. “Signal Surfers” can log in from just down the hallway using your easy-to-guess password, creating their own network using YOUR router.

But the risks go far beyond piggy-backing neighbours slowing down your connection speeds. Unauthorised users can also use your unsecured router to mask their own identity, committing serious crimes in YOUR name (or at least attributable to your gateway’s IP address).

When was the last time you updated your router? Have you never changed the default “Admin/Password” combination that controls your whole Wi-Fi router? Updating your home router is simple – it takes just a few minutes and can protect your home network from a number of critical vulnerabilities.

Secure your home router by following these simple steps:

  1. Look up your router model online to determine your router’s central login address (e.g., “192.168.1.1” or “routerlogin.net”)
  2. Enter your router’s login address into your web browser
  3. Log in with the default username and password (usually both ‘admin’ or ‘admin/password’ - also searchable on the internet)
  4. Go to settings and select ‘Change Router Password’ (or similar)
  5. Enter your new password
  6. Save settings

Once logged in, you should also check to see if there are any firmware updates available, install them, and enable “automatic updates” if not already selected.

After logging in, you can also see what devices are connected to your router. Do you recognize all of them? For added security, consider starting an asset inventory to keep track of all authorised and any unauthorised connections. Like account passwords, you should also change your Wi-Fi network passwords on a regular basis. Create a separate network or VLAN for “work” devices to separate them from your family’s many IoT, tablets, and non-business critical devices to further secure your network. 

Other things you can do to secure your network connection include using a reputable VPN when connecting to public Wi-Fi, closing and terminating any Remote Desktop Protocol (RDP) or remote access sessions when finished, and updating your antivirus software regularly.

Separating Browsers for Work & Play

The ideally secure work-from-home office space would be off-limits to family and friends. That network would have a dedicated computer and network segment for work only, and even its own Internet connection. However, this is not always possible. With budgets tightening, companies may ask employees to use their own devices.  Naturally, this means that people will be more likely to use a single device for both work and personal activity.  

If you find yourself in this predicament, there are a couple of tips to greatly reduce the exposure to cyber threats.  One of these is to ”silo” your web browsing activities – one browser for work, and one for personal.  There are some cyber attacks that take advantage of the way web browsers store user information, field values, and even passwords. For example, if Chrome is your work browser and Mozilla Firefox is your personal browser, then it is more difficult for an attacker to leap from one to the other to gather data. By creating two silos, you reduce exposure. 

Another simple practice that should become a habit is clearing your cookies and cache frequently. By doing so, you delete all saved information (like passwords) and help prevent websites from tracking you.

For your dedicated “work browser” you can also explore privacy-enhancing extensions and add-ons. Be sure to research any add-on solutions before you install, and recognize that some may (thankfully) block plugins such as javascript, flash, and other known vulnerable extensions.

Phishing Awareness

Phishing attacks aren’t only found in emails – you can be phished through a text message, phone call, or even Facebook. Your spam filters are usually not sharp enough to keep you safe from all forms of phishing. Especially when working from home, remain vigilant, and look for unusual characteristics. 

For example: Do you know the sender? Can you see the full, original email header and verify the address? Does the language in the email read smoothly and sound normal? Is there a legitimate reason to click, download, or open a link or attachment? If the answer to the above is no, then assume it is a phishing email. Flag it as spam, delete it, and most importantly do NOT forward it to your coworkers, but to a dedicated security team member. If you need to inform someone else, take a screenshot and send it as a separate email or through another channel.

For any calls to action, visit the official page, and avoid accessing them through notifications or links sent to you unless you can verify the request. You owe attackers nothing.

What should I do to defend myself from cyber attacks?

Waiting for an attack to happen before you contact a cyber incident response team can cost precious time and a high hourly fee, which is why pre-purchasing a retained solution is the best way to optimise response time and minimise costs.

Blackpanda’s IR-1 subscription is the most effective solution for small and medium enterprises in Asia Pacific facing limited resources and knowledge in managing cyber breaches. IR-1  aims to help them manage cyber breaches and mitigate their impact by offering a 12-month subscription plan that includes 24/7 incident response availability, one incident response activation credit, discounted rates for Blackpanda services, and unlimited access to a digital library. IR-1 is staffed by highly trained specialists, and businesses can renew the subscription upon expiry.

Get in touch with us to learn more about IR-1.

Sign Up to Our Newsletter

Our weekly Asia Cyber Summary is a snappy, non-technical overview of regional cyber security news that helps you stay informed. Test it today, you can always unsubscribe.