During the current pandemic, legions of people have made the switch to ‘work from home’ mode, which has significantly increased the risk of cyberattacks. DataArt has prepared several recommendations to help you work from home safely.
Devices that you use for work should be compliant with the information security requirements and policies of your company:
If possible, use a corporate laptop that is enrolled in corporate management tools (added to a corporate domain and to Mobile Device Management tools such as Intune)
If you have your own laptop that you use for work, do the following:
Install antivirus software and update it regularly
Create a strong password
Enable Full Disk Encryption (FDE), such as BitLocker (Windows) or FileVault (macOS)
Install OS updates and patches, especially security-related ones
Install any updates for the third-party software you use
Don’t use the admin account; create a user account and make sure it is also password protected. If you need temporary elevation of privileges to perform administrative tasks, use sudo/runas.
If you live with other people or have guests, lock the screen on your device whenever you go to another room.
Network and Router
Use a wired connection instead of Wi-Fi when possible
Check that you have a backup Internet connection channel (3G/LTE)
Check the settings of your router and change all default and weak passwords
Turn the firewall on
Ensure that the router’s administration interface is not accessible from the Internet
Switch Telnet and other insecure services off
If possible, segregate your wired and wireless networks into different VLANs
If you use Wi-Fi, make sure that:
Your router access is password protected
WPA2 with AES as the encryption algorithm is configured on the Wi-Fi network
Minimize the use of Bluetooth whenever and wherever possible, especially on older mobile devices.
Use the VPN provided by your company to access server files and services
Use a Remote Desktop connection to your office workstation instead of working on your home computer, if possible
Use only corporate email for any business-related activity
Do not store corporate information on your private devices any more than absolutely necessary to complete your work
Use corporate tools for data storage and sharing, like SharePoint Online, OneDrive for Business, G Suite, Box, or other tools provided by your company
Write down or memorize contact information for your company’s InfoSec department and Security Incident reporting facility. Contact them immediately in case of any suspicious activity on your computer, or if you suspect you’ve suffered from a virus outbreak, phishing/spam or any other attack.
Be ready to combat spam and phishing emails or social media messages. There will be plenty, particularly on the topic of coronavirus:
Do not click on suspicious links
Do not open suspicious attachments
Do not respond to suspicious contacts in Skype and other messengers