The rise of the hybrid workplace means that employees utilize devices like smartphones and tablets from offices located in their homes. This increased reliance on such personal devices and sometimes the absence of security tools means that there’s always the threat of digital security breaches and the potential exposure of sensitive data. This is why online safety at home and in the office is a must for employees in any environment. Below, we’ve compiled some top tips for safeguarding your work at home or hybrid workspace — wherever it may be.
- Implement antivirus software
- Install security software on every device
- Use long & strong passwords
- Never share passwords
- Change passwords routinely
- Don’t use the same passwords
- Keep your operating system updated
- Set-up multi-factor Authentication
- Don’t download apps from untrusted sources
- Make use of a VPN(Virtual Private Network)
- Don’t open suspicious attachments
- Have a solid backup strategy
Implement Antivirus Software.
Antivirus software is a vital component of device security and data protection. It should be installed on as many devices as possible — even on your mobile devices. Additionally, it is best to install a firewall on your device or network if possible.
Install security software on every device.
Your company and personal devices can store sensitive and confidential information like PII (personally identifiable information,) photos, and documents. So it’s vital to ensure they are protected at all times. Plus, if one of your devices becomes compromised with malware or ransomware, that will likely pose a threat to every other device on your network. So it’s essential to install security software on as many devices as possible.
Use long & strong passwords.
Passwords should be between 10 and 20 characters long, contain letters, numbers, and symbols if possible. They shouldn’t be words that can easily be guessed by anyone trying to guess them, like your birth date or anniversary. Hackers are getting smarter every day when cracking passwords, so it’s crucial to develop a unique and hard-to-guess one for every account.
Never share passwords.
It’s important to never share usernames and passwords with anyone, including employees or family members. Many people use the same password for different accounts, which can exponentially increase the likelihood of a security breach. If you have employees, don’t allow them to save their passwords on network computers because that could lead to unauthorized access.
Change your passwords routinely.
It’s important to keep passwords fresh because if they aren’t changed, hackers can still access the accounts even if the password has been hacked previously. It might seem tedious, but it’s wise to change all of your online account passwords at least once a quarter to limit your chance of an account compromise.
Don’t use the same username and password for all accounts.
Many people use identical and rarely changed usernames and passwords across multiple online accounts, exponentially increasing the likelihood of a security breach. If you have employees, don’t allow them to save their passwords on network computers, cloud services, email accounts, or social media accounts. This, too, could lead to unauthorized access of confidential information. Consider using a password manager to help you create, store and remember unique usernames and passwords.
Keep your operating system updated.
Ensure you update all personal and company device operating systems when prompted by your IT department and/or software providers. Updates often include patches for newly discovered vulnerabilities that criminals exploit to gain access to devices. It’s important to keep programs up-to-date to patch any found security vulnerabilities. Updates typically occur automatically if you have the option enabled under your app settings. Otherwise, they can be manually updated by visiting the developer’s website or consulting with your security personnel or IT team.
Set up multi-factor authentication.
Two-factor or multi-factor authentication adds another step beyond simply entering your password into a login screen. It can require you to input another type of information, like a specific letter or number sent via text message to your phone, before you can log in. This is important because it ensures two or more layers of security rather than one layer. If someone has your username and password but doesn’t have the secret code, they won’t get in.
Don’t download apps from untrusted sites.
Don’t download apps from sources other than official app stores like Google Play and Apple App Store. Many users believe that the extra security for such officially approved services is unnecessary, but it is. These official app stores have a much more stringent vetting process for apps, so it’s safer to download from those sources.
Make use of a VPN (Virtual Private Network)
Virtual Private Networks encrypt your data before sending it over a public network so malicious outsiders and third parties can’t access your information without the proper security credentials. This is especially important when traveling or using public Wi-Fi.
Don’t open suspicious attachments.
Many phishing scams try to find ways around spam filters through social engineering, which is why people should be suspicious of any unexpected emails, especially those with attachments or suspicious links to malicious websites.
Have a solid backup strategy.
Well known across the industry is the 3-2-1 Backup Strategy. Put simply, it’s at least 3 Copies of your data, stored on 2 different types of media and keeping 1 copy off-site. This practical yet simple data backup strategy is perfect and applicable for almost any business type and can handle nearly any scenario.
The above are just a few of the many cybersecurity best practices and online safety measures you can take to help you secure your hybrid workforce and other remote workers. An additional step is to invest the time and resources in continuous employee training and user awareness of how to stay safe online and #BeCyberSmart.