Strengthening your WFH Cyber Hygiene

Apr 19, 2021

Over 60% percent of the world’s employees work remotely at least twice per week, and full-time remote workers are on the rise. Information security professionals have had to quickly adjust their strategies to tackle the newfound risk associated with the shift to WFH.

With the present situation, we would like to share some essential tips on how to strengthen your WFH cyber hygiene. This will also help your organization and employees stay safe during the covid-19 pandemic period. This is not only to protect people who are working from home, but also help IT security professionals, small businesses and cybersecurity experts who want to secure their distributed workforce. 

This article will start with the steps remote employees can take to secure their company’s sensitive information as well as their own personal information. While these cybersecurity measures can be used at any time, they are more essential for employees who work from home and use company networks. 

Security Tips for Strengthening your WFH Cyber Hygiene
  1. Secure Your Home Office
    Physical security should not go out the window when you are working from the comfort of your home. Just as you safeguard your office and keep it locked when you leave after a day’s activity, you must do the same when working from home. Laptops can be stolen from your home office, living room or backyard. Keep your laptop in a safe place and lock the door to your home office. Keep your home workspace as secure as you keep your normal office.

  2. Secure Your Home Router
    Cybercriminals are finding ways to exploit default passwords on home routers because many people do not bother to modify them, which leaves their home network vulnerable. Changing your router’s password from the default to a unique and strong password is an easy step you can take to safeguard your home network from cybercriminals who want to access your computer. Also, ensure firmware updates are installed as quickly as possible so that known vulnerabilities are not exploited.

  3. Separate Work Tools from Personal Devices
    It might be easier said than done. However, it’s essential to create boundaries between your home and work life, especially when you are a remote worker. While it may seem awkward to always switch between devices to pay bills or shop on the web, do your best to keep your personal computer and work computer separately. You may never know if one has been compromised. You can also do the same for your mobile devices. This will help to limit the amount of confidential information exposed if your work or personal computer has been compromised.

  4. Encrypt Your Devices
    If your employer did not turn on encryption for you, you can do it by yourself because it plays an essential role in limiting the security risk of stolen or lost devices. This prevents strangers from accessing the content of your device without the pin, biometrics or password. As a WFH cybersecurity professional, you can also use a VPN to encrypt your device.

  5. Use a Supported Operating System
    On a daily basis, new vulnerabilities and exploits are posted to CVE databases, and they can impact old versions of operating systems that are no longer supported by their developers. Generally, operating system inventors only support few major versions because supporting all versions is costly and the majority of users do upgrade their device. Unsupported versions no longer get security patches and contain vulnerabilities that put your device and confidential information at risk. Lastly, always use a supported system and try your best to upgrade to the latest version.

  6. Keep Your Operating System Updated
    If you’re using a supported operating system, there can be a major delay between the disclosure of a vulnerability and its mitigation. Even if the window is open for a few days, zero-day exploits present a major risk. To reduce WFH cybersecurity risk, make sure all devices apply security patches as quickly as possible. Most modern devices will apply updates automatically by default. However, you may need to allow your computer to restart in order to complete
  7. Keep Your Software Updated
    Operating systems are not the only thing that can be exploited. Third-party software and web browsers are targets as well. Therefore, it’s ideal to keep any installed applications updated. Most modern software will check and apply security patches automatically. For other things, you can check the latest versions occasionally. 

  8. Enable Automatic Locking
    If you walk away from your computer at a coworking space or your home office, you should lock it. You may not remember to lock it, but when you include automatic locking, you will be able to protect your device. Ensure to configure a particular time that’s not long, such as 30 seconds for mobile devices and 3-5 minutes for personal computers. Automatic locking is enabled by default on most modern devices.

  9. Use a Strong Password
    All the tips above do not matter if you don’t have a strong pin or password. Ensure you avoid anything that’s easy to try. For example, repeating numbers like (1111111), sequences like (1234567) or using common passwords that are easy to guess. Furthermore, do not use anything that is related to you, such as your driving license, personal address, date of birth and much more. A reliable password should be random to anyone else except you.  

  10. Invest in a Password Manager
    If your organization does not offer you a password manager, you should consider investing in one. A password manager will help you to create dependable passwords and remember them.

If you need a cybersecurity tool that can make your remote work effective and help you strengthen your WFH cyber hygiene, then choose Vicarius. Vicarius is a vulnerability management software that targets cybersecurity officers as well as IT managers and operators from the U.S. market.

 

Photo by Alora Griffiths on Unsplash

Written by

Kent Weigle

Recent Posts

  • 1

    Vulnerability Remediation Guidelines

    Kent Weigle October 14, 2021
  • 2

    What is Vulnerability Remediation?

    Kent Weigle October 08, 2021
  • 3

    Average Time to Remediation Hits 205 Days

    Kent Weigle August 12, 2021
  • 4

    Vulnerability Management: What You Need To Know

    Kent Weigle July 12, 2021
  • 5

    Vicarius Records Signs Underground Sensation Lil CISO

    Kent Weigle July 28, 2021
last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
    CVE Invaders
    cta_cve_06_28px.gif