written by Matthew Stern
The future of work has been a valid argument for a time now. Various proponents and critics have moved to research how well and productively the current model can be changed to promote a better work-life balance. It took an event as massive as the coronavirus, though, to shift work dynamics from the office to the home.
While brands like Twitter and Deloitte have made it clear that their employees can continue working from home indefinitely, some concerns must be addressed here.
If convenience and a boost in productivity were the only issues, we would not be here today. Now that security is concerned, we have to take the remote work possibilities under a microscope.
The Emerging Cyber Risks from Working from Home
Working from home is all fine and great till you learn that the employees might be putting the entire organization at a bigger risk with this model.
Some of these concerns have been with us for a while now. Others have been aggravated now that hackers and scammers know that more employees are at home and can be targeted more easily.
Here are some of the looming and most prevalent dangers that need to be addressed by any firm serious about its security models.
#1 Residential Network Malware
Corporate accounts and devices are used only to be deployed in the work environment. The top firms and companies know that their cybersecurity is of paramount importance and as such, will invest in a solid IT department that locks down the data going in and out of these devices.
Now that the same corporate units are being used in the home, they don’t enjoy the level of encryption that they were used to on the corporate networks anymore.
Thus, it is not uncommon that hackers will go after such devices now that they know they could easily breach residential networks. Effectively, they can use such devices as backdoors into the entire company network.
#2 Hardware Neglect
Computers, smartphones, and other digital hardware devices belonging to the corporation were also usually operated within the premises. This means that unauthorized individuals rarely, if ever, have access to these units carrying sensitive data.
These days, hospital management staff can go to a coffee shop and do their thing. A project manager can take their laptop on a train ride and continue to manage their teams from there. In short, a lot is now being done from outside the office, with the same office units, and these units don’t enjoy the protection of the premises anymore.
Theft of the unit, shoulder surfing by someone looking to steal data, or any such attacks are enough to cause a data breach.
#3 Update and Upgrades
One other benefit of having an in-house IT department is that they handle software updates and device upgrades on the server side. Thus, everyone connected to the same network gets the updates applied to their units and systems.
Now that everyone is working individually from home – or other remote locations – the responsibility falls onto the users’ laps to get their systems up to date.
Since that is not something that they were used to or the lack of proper sensitization on why they need to update/ upgrade their software ASAP, problems might arise. The possibilities are almost endless, from the exploitation of bugs in the system to data leaks from a poor piece of software.
Still on software…
Did you know that installing apps from sources other than the official app store of your device/ OS provider is dangerous?
Installing these apps from the regulated store (such as the Microsoft Store for Windows devices, Play Store for Android, or App Store for iOS and Mac units) adds an extra layer of security to your app profiles. That is because these services take the time to vet the apps that are listed on them to ensure that there are no malicious codes and harmful setups in them.
However, when you download and install apps from external sources, you don’t have the same guarantees that they’ve been checked. That is why hackers and developers with malicious intent will use those external marketplaces to ship infected apps onto your devices.
Depending on the industry that you are in, data is very crucial to everyday operations.
The healthcare industry, for example, needs patient data 24/7 to keep taking care of the patients on hand and provide continuous care to their previous clients. Should such data be locked down in ransomware, these corporations will scramble to pay to get their data back.
Ransomware attacks are one of the most popular because of the payday that hackers stand to gain from them. If one of the computers on the company network can be breached, such as that of someone working from home, the unauthorized user can surely inject their ransomware into the system.
It’s not all Gloomy
These potential attacks do not mean that it is time to up and get back into the offices. Leveraging simple cybersecurity tips and tricks as outlined below, you can get the best of unauthorized users and stay safer on your networks/ computers while working remotely.
Always backup your devices
Have an online and offline backup stored separately, just in case.
A backup gives you insurance against any form of attacks that might occur on your computers.
For ransomware, you can simply wipe the system down and restore it from backup. Even if your computers get stolen, you can initiate a wipe of the stolen device, get another unit and restore all your data as if nothing was wrong.
Choose secure passwords
Across all of your accounts and devices, make sure to use only strong and reliable passwords. This is not the place to use any of the commonly breached passwords, your pet’s name, date of birth, or such other personally identifying details.
Get a random password generator to throw up strings of text that will be almost impossible to hack. Since they will be difficult to remember, install a trusted password manager to store all of your secure logins in one place also.
Install security apps
Did you know that you could have malware on your unit and not even know about it till it’s too late? That is one of the reasons why you need antimalware (such as an antivirus) on your computer.
But times are changing, and that is not the only security app you should have on your computers.
These days, using a VPN for security is a no-brainer. Activate the VPN to encrypt your network connection and the data that you send over such a network. Likewise, a VPN helps you to prevent doxxing attacks, makes it impossible to identify you on the internet, and keeps your sessions anonymous.
Update your device regularly
Check frequently to keep your device and the apps on it up to date. You can set up automatic prompts to look for updates and automatically install them or notify you of these updates so that you can manually apply them. In line with that, never load apps from sources other than the official stores that come with your OS.
Finally, make sure your firmware is always up to date so that you are protected against exploits and other backdoors that might have been discovered in the system.
Remote work can surely become the future of work, but there is a lot to be done on the cybersecurity front to get there. Considering how much a company loses in money, downtime, and goodwill whenever they suffer a breach, this is a valid concern.
Applying the various tips and best practices above is a step in the right direction towards activating and actualizing the future of remote work as we know it.