Published on June 9th, 2020 📆 | 2882 Views ⚑
0Want To Secure Your Work From Home Setup? Do The Opposite Of These Four Things
Even though millions of workers have been directed by their companies to work from home, it still shocks me that many of them are again not taking the proper precautions to protect their data. Some of this stems from the fact that many companies, at the onset of COVID-19, did not have substantial work from home security guidelines and requirements for users who were using their personal PCs or mobile devices to work from home. Some consumers still believe, falsely, that a severe data breach canât happen to them.
In preparing for this column, an informal (and unscientific) survey of 10 friends and family members, all of whom are working from home, demonstrated to varying degrees how many work from home users are simply not prepared. Iâm even reluctant to admit that two of my informal survey respondents told me that they hadnât changed their home email password in years, and it contains their birthday so that itâs simple to remember. Yikes.
So in the spirit of fictional George Costanza, who was once famously counseled by Jerry Seinfeld that doing the opposite of his instincts would result in the right thing to do, please embark on these contrarian recommendations to ensure that you have a highly secure work from home setup.
#1: Donât Use A Password On Your Desktop Or Laptop PC
I must begin with a âCaptain Obviousâ callout. It always horrifies me when I visit someoneâs home and notice that theyâre not using any type of password to secure their home PC (particularly laptops that can be stolen). Both Microsoft Windows and Appleâs macOS make password strong password protection too easy not to utilize. Strong password protection is needed to withstand typical password crackers that can execute 350 billion guesses per second and use ârainbow tablesâ that contain millions of pre-computed password hashes.
The most common complaint I hear from people about passwords is that they hate using them because so many must be remembered. Fortunately, those days are over as most recent vintage Windows and Apple MacBook Pro laptops employ biometrics fingerprint sensors near the keyboard. Whatâs more, Microsoft implemented âWindows Helloâ that can use your face, fingerprint, or a PIN to identify you for secure logon onto your PC. Appleâs Face ID (and similar face recognition function on Android) have had this functionality on mobile phones or tablets for a few years. Itâs surprising to me that so few Windows users take advantage of âWindows Hello,â which can be employed on a desktop PC with the right supported discrete Webcam.
Just remember that hackers love default passwords. If your laptop doesnât have a biometric sensor built into it, password managers are a great way to solve that problem. Theyâre extremely affordable multi-platform apps that create and manage encrypted passwords for all the Web sites, as well as filling out payment and personal details wherever you need them, across the Web and on any device. Again, there are several excellent solutions to choose from, including Dashlane, which has a free version that manages up to 50 passwords on a single device (the paid version has a $60 annual price tag but can manage unlimited passwords on an unlimited number of devices).
#2: A VPN Is Overkill For My Work From Home Setup
Nothing could be further from the truth. A virtual private network (otherwise known as a VPN) allows you to create a private connection over a public network. If your company already has established work from home security protocols in place, it might already utilize a VPN to permit remote workers to directly connect to their physical officeâs server (or in some cases) intranet through their home Internet connection. Without getting too detailed about the technical minutia, you should think about a VPN as a âsecure tunnelâ between your home Internet and office network connection. While VPNs are not foolproof and certainly are useful, theyâre not immune to attacks â- but having one is decidedly better than not having one as its real value that it prevents your data from being hijacked from so-called âman-in-the-middleâ attacks.
One last word of advice: when you select a VPN, make sure that you utilize a reputable company since all your Internet traffic will be passing through its servers. CNET, for example, offers excellent, thoughtful recommendations â- and avoid âfreeâ VPNs as many of them have been caught red-handed using malware or sharing your data.
#3: My Apple Mac Is Impervious To Hacking Threats So I Donât Need Security Software
This fallacy roils me. For years, the Mac operating system has had a reputation of not needing security software urban legend was that hackers focused their resources on Microsoft Windows, the continued market share leader in the PC space. I was never crazy about that rationale then, and Iâm not thrilled with it now. Windows PC may still be more susceptible, but Macs are by no means impassable strongholds.
There are many excellent antivirus software security suites for both the Windows and Mac platforms. Theyâre also very affordable as well as all the major competitors in the security suite space offer yearly subscriptions that cover multiple PCs (Norton, for example, provides comprehensive coverage for up to 5 PCs and/or Macs for $99 per year ($50 for the first year).
Almost every consumer PC sold today includes some type of trial security software protection for a brief period. Itâs bewildering to me as many consumers â- and Iâve seen this situation countless times â- donât utilize the trial subscription or let it expire. Security software isnât failsafe, but itâs excellent protection against malicious links embedded in emails or Web sites, phishing attacks, and other nefarious assaults. Not using some type of security software is akin to, in my opinion, owning a car and electing to sign up for auto insurance.
#4: My Router Plays No Role In My Home Network Security
This one is a biggie. The average âsmart homeâ connects to upwards of 20 devices or more. Not just PCs, but mobile phones, tablets, smart locks, smart speakers, and smart thermostatsâŠand thatâs just the tip of the iceberg. All these devices represent a clear and present danger to the digital security of your home network.
Most consumers see their router as merely a device to distribute WiFi coverage throughout the home. Mesh routers, including ones from Netgear and Plume, provide the ability to blanket WiFi access to virtually every square foot of even the largest homes. Your router brand decision can also play a potent role in protecting your online digital footprint as the newest models have embedded, continually updated security functionality that can protect every connected device in your home. While some âInternet of Thingsâ products are better than others when it comes to security protection, many of them are incredibly vulnerable. Even printers â- and Iâve written in the past how HP has taken on this challenge â- offer hackers with novel ways to target your home computer or network.
The best routers on the market have embedded security firmware that is continually updated with the latest threat protection and provided another defensive layer of security between your home network-connected device and the bad guys. Plumeâs Adaptive WiFi capability provides peace of mind with an architecture that offers enhanced security and privacy with real-time monitoring, analysis and quarantine of threats in real-time for all the devices on your home wireless network. Calix is a notable example of a company that offers service providers with security functionality at the router level that protects devices across the home network in a managed, integrated manner.
A Few Closing Thoughts
Ultimately, you should think about the cybersecurity of your home office in more comprehensive actions than merely the four suggestions Iâve made above. The best security protection is derived by implementing multiple layers and even redundancies. There are no guarantees that these recommendations will insulate you from all cyberattacks, but they will dramatically lower the odds.
Finally, reach out to the IT departments of your company. Even organizations that were caught off guard by COVID-19 and did not have proactive security protocols for personal devices used by work from home users back in March may have recommendations now that you can leverage. Itâs a good bet that your companyâs IT department has done their due diligence over the past 90 days, and Iâll be shocked if they donât have great tips and security recommendations for you.
The best advice I can give you is to steer clear of George Costanza as your role model for work from home cybersecurity. How he was able to get a job working for the New York Yankees, Iâll never know.
Note: Moor Insights & Strategy writers and editors may have contributed to this article.Â
Disclosure: Moor Insights & Strategy, like all research and analyst firms, provides or has provided paid research, analysis, advising, or consulting to many high-tech companies in the industry, including Amazon.com, Advanced Micro Devices, Apstra,âŻARM Holdings, Aruba Networks, AWS, A-10 Strategies, Bitfusion,âŻCisco Systems, Dell, DellâŻEMC, Dell Technologies, Diablo Technologies, Digital Optics, Dreamchain, Echelon, Ericsson, Foxconn, Frame, Fujitsu, Gen Z Consortium, Glue Networks, GlobalFoundries,âŻGoogle,âŻHPâŻInc., Hewlett Packard Enterprise, HuaweiâŻTechnologies,âŻIBM, Intel, Interdigital, Jabil Circuit, Konica Minolta, Lattice Semiconductor, Lenovo, Linux Foundation, MACOM (Applied Micro), MapBox, Mavenir, Mesosphere,âŻMicrosoft,âŻNational Instruments, NetApp, NOKIA, Nortek,âŻNVIDIA, ON Semiconductor, ONUG, OpenStack Foundation, Panasas, Peraso, Pixelworks, Plume Design, Portworx, Pure Storage,âŻQualcomm, Rackspace, Rambus, Rayvolt E-Bikes, Red Hat, Samsung Electronics, Silver Peak, SONY, Springpath, Sprint, Stratus Technologies, Symantec, Synaptics, Syniverse, TensTorrent, Tobii Technology, Twitter, Unity Technologies, Verizon Communications,âŻVidyo, Wave Computing, Wellsmith, Xilinx, Zebra, which may be cited in this article.
Gloss