Working from home- How secure is it?
Vimal Ramachandran, Director
The current health crisis the world is witnessing today is truly unexpected and unfortunate. We have never experienced a crisis like this before that forced us to confine within the four walls of our house. When you know something like this is going to happen, you can plan things accordingly, be it related to your personal life or professional. But COVID-19 pandemic didn’t give us time to prepare. Before we could realize what was happening, the entire world entered into a lockdown.
Most of the employees have started to work from home and this might pose certain challenges, specifically on the security front. There are chances of risks and the security team of an organization must identify the common risks that might arise when employees are working remotely. The security team should coordinate with the communication team and the latter must train the employees on the risks and how to manage them. This will simplify the process of security and motivate employees.
Even after training employees on these, they might encounter problems with regard to security and will be in need of help. It is always advisable to answer their queries in real-time using technology or forum, such as e-mail, Skype, teams or any such platform. This will make security as approachable as possible and will enable the security team to quickly identify and respond to incidents.
The platform you are using to answer queries should have strong authentication mechanisms; otherwise cyber attackers will see this as an opportunity to socially engineer these platforms.
Social engineering attacks are one of the greatest risks that will arise when employees work from home. The user will be prompted to make a mistake, without their knowledge and during a time like this, when you get numerous calls and emails related to the pandemic, it will be much easier to trick the user. Chances of overlooking these scams are high. The solution is to train employees on what social engineering is, how to identify it and what to do once you identify one. Even though phishing is the most common form of cyber attack, there are other modes as well and employees should be aware of these.
Weak passwords have always been one of the top reasons for security breaches and it makes the job of hacker pretty much easier. Below listed are four key behaviors to manage this risk;
- Passphrases: Compared to passwords these are comparatively longer and ensures added security.
- Unique passwords for all accounts: Do not give the same password to all the accounts; they should be unique and strong.
- Password managers: This helps in storing and managing online credentials.
- MFA (Multi-Factor Authentication): User is given access only after successfully entering two or more independent credentials.
The security team must see to it that the employees are using the latest version of the operating system, applications and mobile apps. Everything should be updated, as updation helps in patching security holes.
Here are some tips for you that can be useful while working from home;
- Here are some tips for you that can be useful while working from home;
- Change the default admin password, enable WPA2 encryption and use a strong password for your wireless network
- All the devices connected to home network must be protected by a strong password and should be updated. Systems should be locked while you are not using it
- Both the operating system and applications must be patched and updated
- Do not discuss any confidential details with clients in public
- Keep your system in a secure place and also ensure to keep your screen private. Position it away from other people
- Do not access any internet sites other than the access required
- Inform IT department if you come across any abnormal activity through emails or systems
- If you are sharing any confidential information via emails, protect it with a password. Share the password with the user in person and not through email.
- Do not use official laptop for personal use (internet or unauthorized applications or software) and avoid carrying laptop to public places to work.
Above all, one should have the common sense to differentiate between genuine things and scams. It is easy to fall prey to scams, but difficult to get out of one.
Vimal receives the Catalyst CIO Award
Our Director of IT, Mr Vimal Rama Chandran, CISA, BCM LA, COBIT 5 CA was presented with ‘The Catalyst CIO Award’ at the Future IT Summit & Catalyst Award 2022
How RPA is helping in Employee Retentions in UAE
Robotic Process Automation is gaining immense popularity among industry leaders as a value for money, efficiency-improving technology.
Get in touch
Whatever your question our team will point you in the right directionStart the conversation