Suddenly, everyone is their own IT Director
April 04, 2020
Cyber Security | Remote Work
Times change quickly. In the past month, nearly the entire workforce has begun working from home due to COVID-19. While sudden, this has been a growing trend: to avoid long commutes and distracting open offices, workers have moved into their second bedrooms, dens, kitchen tables or basements.Remote work has become a necessity and a preference for many - both employers and employees. However, this new arrangement is not without its stresses or risks. When it comes to protecting your home office, which includes your bank account, your company’s assets, and your family’s personal information, there are more security threats than ever before.
Where Home Office Security Threats Come From
Hackers are opportunists, and they have a keen eye to find new ways to threaten your security:
- Most home networking equipment - your router and modem, for example - aren’t created equally to their cousins in the corporate world. Security settings are fewer and less-easily controlled. Firmware vulnerabilities are patched less often and lag behind the timelines of professional equipment. Most importantly, you set up your own network (or your spouse or the techie neighbor’s kid) with a “Let’s get it done and get back to anything else” attitude. Unfortunately, setting up a network requires careful configuration and the training-based expertise of company IT department staff. Hackers know this about your network set-up.
- Personal computers use personal versions of operating systems, and not enterprise flavors, which include security features you don’t get automatically with that laptop you bought at BestBuy.
- Email security gateways, web and DNS filtering solutions, intrusion detection systems, and the slew of services that keep you safe inside the walls of an office network aren’t always extended to your home. This means phishing emails, malicious websites, and other scary traffic isn’t well mitigated.
- Backups, VPNs, password managers, etc. require setup and diligent configuration, and can result in an unwanted mixture of your personal and work life.
- At the office, connected devices are normally segmented away from critical traffic. Unfortunately at home, devices like Alexa, Nest, and even your printer, introduce new entry points for hackers.
And here’s the kicker: If your other family members use the same network and devices, you’re multiplying the risk factors of all of the above!
Using Your Company’s Computer At Home
If you use a computer from your company, some of those risks may be mitigated already, but remember they’re still connected inside your home, outside the reach of a quick IT staff deskside visit. Additionally, you’re most likely connecting to the same network as others in your house. Keeping things separate, and sustaining appropriate security measures require a unique effort on your part to maintain a good “threat posture.”
How to Safely Set Up Your Home Office
Here are a five tips we recommend doing if you’re working away from your office:
- Fix insecure wifi and networking equipment settingsNine times out of ten, modems and routers ship with default administration passwords. Attackers can easily find these passwords online and access your devices should they connect to your WiFi or get inside your network. Login to any connected devices and change the default admin account information. While you’re at it, make sure you’re using WPA2 or better encryption. Additionally, create a strong password for your WiFi and don’t give it out to guests; create a guest network instead. Havoc Shield’s Network Security Module (link incoming) guides you through these changes as well as more advanced segmentation of web traffic and security configuration.
- Turn on disk encryptionYou never think it’ll happen to you but it happens all the time - you leave your laptop in your car, in the coffee shop, or at home, and it gets stolen. Without disk-level encryption, the thief can access everything on your drive. Cloud storage might not be safe either, as many sync files down to your computer. If disk encryption is enabled, hackers won’t be able to read any of your files without decrypting the drive—luckily, this requires your password (which they don’t have!). Look into Bitlocker for Windows or Filevault for Mac OSX. If you’re running a personal version of these operating systems, you might not have access to enable disk-level encryption, or you might be required to use a specific sign in method. Overall, there are options to protect you - do a quick search for “personal full disk encryption” and set it up! Havoc Shield can help quickly guide you through the process (Link incoming) no matter what computer you use.
- Setup web traffic and DNS filteringYou can get away with just anti-virus software to start, but look into installing router-level filtering setup. This protects all the devices on your network from malicious traffic and gives you more control. OpenDNS provides good options in this area.
- Actively monitor threats to the services and systems you use at homeIt takes a good amount of time to know when data breaches happen or pointy vulnerabilities pop up with the services and systems you use, but can potentially save you many more days of heartache and financial damage if a weakness is exploited by an attacker. Subscribe to the CVE list provided by Mitre, a comprehensive database of known vulnerabilities in often used software. Scanning this list regularly will keep you in the know about what program needs to be updated or uninstalled to close a hole attackers have discovered. Havoc Shield provides a service called Threat Watch that reviews the CVE list and other data sources, filters out the vulnerabilities that don’t apply to you, and alerts you by providing a how-to mitigating module when possible. It also goes beyond technical vulnerabilities and monitors the internet and dark web for mentions of your personal information or scams and phishing techniques that are becoming more popular.
- Secure proactive help in the case of an incidentExperts agree: it’s more of a case of WHEN rather than IF you’ll be attacked online. When your computer gets hit with ransomware, or someone has changed your gMail password, you’ll want expert help. The IT department will help if you’re using company devices, but with the blending of personal and professional, things can get rocky. Secure a trusted party you can call when you need immediate help. This will undoubtedly lessen the chances of financial or reputational harm being done. Havoc Shield plans include one hour a year of suspected attack support with a live security professional.
Times have changed, and so should your home office cyber security. Try Havoc Shield free for two weeks and enable Threat Watch today.