10 Safety Tips For Working From Home
More and more people are working temporarily or even entirely within their own four walls. Assistants are also at least partially relocating their workplace to their own apartments. But be careful: Security risks are lurking in the home office. So that you can work as protected in the long term as you do in the office, you should take measures for better IT security. Read the article below to find out what you can do to avoid security gaps and cyberattacks when working from home.
Table of Contents
1. Raise Awareness Among The Workforce
Working from home used to be considered a luxury, even for assistants, that only a few could afford. Today, mobile working is part of everyday working life for many assistants. As a management report from the Federal Office for Security confirms, more than half of all companies surveyed would like to maintain or even expand home working. This makes it all the more urgent to guarantee information and IT security even when working from home. In order not to open the door to cybercriminals, you should first and foremost set binding rules and make employees aware of potential dangers. As the “right hand of management,” you also share responsibility. You can help raise employees’ awareness of how to deal with cybersecurity:
Record the regulations regarding security in the home office on paper. The guidelines should be formulated clearly and unambiguously. For example, the document should indicate which software or hardware can be used. It would help if you also determined which data protection regulations apply in consultation with your bosses. You then send the rules in writing to all employees. See yourself as the contact person for questions in cases where the management is temporarily unavailable.
The best protection in the home office comes through prevention. Comprehensive information for all employees is the key here. You can contribute to this, for example, by organizing and booking training courses on IT security. There are now many providers on the market – including scientific ones – who explain safety-relevant aspects to employees in an understandable way. In such training courses, they learn important basic concepts, protection goals and strategies to avert external threats.
Rehearse together with the management for an emergency and involve other departments and contact persons. In order to be optimally prepared against cyberattacks, it is sometimes necessary to take the perspective of the attackers. So-called penetration tests are suitable for assessing the chances of success of an attack. At the same time, they show you how effective the previously established security measures are and uncover any weak points. Be sure to work with competent pentest professionals. These experts look at the security situation from the perspective of a “neutral” expert and know how to assess the situation objectively.
2. Set Up A Safe Workspace
Security in the home office depends on a protected work area. As the IHK recommends, the level of security should be comparable to your office space. To prevent unauthorized third parties from accessing confidential data, you should close the doors when leaving the room. The home workplace should not necessarily be placed in front of the window where it can be seen. Apply screen protectors for additional protection. It also makes sense not to let other family members use the work computer. Ideally, it would help if you did not keep work equipment outside of the office. For example, children living in the household are not even tempted to use the work computer. If you still have curious relatives in the house, prevent access to work devices with a password-protected display lock.
3. Use A Secure Communication Channel Such As VPN
Ideally, use a VPN to access your company’s internal resources. Such a VPN transports sensitive data encrypted through an IP tunnel from the end device to the company network and vice versa. Also, remember to secure the VPN against threats from external third parties. This means: If you switch to smart cards, you no longer need a password. If you continue to use passwords, you should change them periodically. It is also necessary to always disconnect the VPN connection as soon as you use the computer privately.
4. Minimize Risks During Video Conferences
Video conferences are the order of the day in the home office. Regardless of whether you are going over the daily plan with your boss or communicating with external parties, make sure that there are no security breaches. Unfortunately, there is a risk of “Zoombombing” with some software providers. This is where uninvolved third parties sneak into conferences. These people almost always have the goal of intimidating or harassing others.
However, hackers can also monitor video conferences and gain unauthorized access to sensitive data or conversation content. To counteract this, you should always secure your conferences by entering a password or using a virtual waiting room. When organizing virtual collaboration via video conference, make sure you have up-to-date software. You should always have the latest updates and patches installed on your PC. Your webcam should also receive special attention: After the video conference, you should always disconnect connected webcams from the computer. With integrated webcams, you need a sliding cover to protect your work environment from prying eyes.
Secure your home WiFi network. To do this, change your router’s default SSID, enable network encryption, and update the router firmware regularly.
5. Make Sure Email Traffic Is Secure Even When Working From Home
Emails are a convenient way to communicate with colleagues, superiors and external partners when working from home. However, they can quickly become a security risk. Because hardly any form of communication can be manipulated so easily. So stay just as critical and attentive within your own four walls as you would in the office. Don’t give spam emails a chance, and be particularly attentive by checking every message for plausibility. To ward off cybercriminals, you should be critical of new contact requests and check them for confidentiality. You should always be critical if there is no individual address, a foreign sender or immediate calls to action. Also, never give out sensitive information, such as passwords, to strangers. In addition, you can protect your own account via an encrypted connection when working from home.
6. Set Strong And Secure Passwords
A stolen password puts your company at enormous risk and, in the worst case, can cause identity theft. Accordingly, it is important to set safe and strong passwords on all devices in your own home. Strong passwords have a minimum length of eight characters and contain letters and special characters. Keyboard patterns, family names, birth dates, or repetitions should not occur. Divide capitalization and lowercase letters. Choose your passwords so that you can easily remember them even after your vacation. At best, you rely on a password manager. Depending on the provider, such a program assigns master passwords and regularly configures new variants.
7. Be Particularly Careful When Banking Online
If you are responsible for business accounts, you will be conducting transactions on a regular basis. Of course, this also requires an online banking platform in the home office. Be particularly careful here and only use trustworthy service providers for financial transactions. Log in for every transaction using a secure “https://” connection. For reputable providers, a lock symbol can be seen in the browser, which certifies that the website has an authenticated security certificate. Never transfer money to strangers and remain suspicious, even if they are supposedly colleagues. If in doubt, it is better to consult other employees or several superiors again. This way, fraudsters have no chance of getting you to pay money.
8. Set Up Comprehensive Virus Protection
Simple and effective: an antivirus suite is essential when working from home. These take a lot of work off your hands when dealing with cybercrime. Good antivirus programs are now able to ward off up to 100 per cent of all hacker attacks. Make sure you use reputable software that updates regularly.
9. Use Multi-Factor Authentication (MFA)
A so-called multi-factor authentication protects your data in the home office more effectively than simple passwords. Set up at least two proofs of identity. If you want, you can add biometric proof to your original password, for example. In addition to biometric facial recognition, a fingerprint would be possible. In this way, hackers cannot gain access even if they have already obtained sensitive passwords.
It is best to store internal company data on centralized storage. Even if everyone works at their own home office, all employees should use the same platform and create regular backups.
10. Check Home Networks Regularly
To maintain information security in your home office, you should check your home network regularly. Outdated devices or unsecured WiFi are security risks that you should address. A regular “inspection” also has the advantage of identifying unusable or no longer used software or devices. As part of regular monitoring, you should either update these applications or stop using them.
Also Read: 5 Best Practices: Cloud Security For The Home Office