Be cybersecure when working from home
Two year's worth of NIST-aligned training
Deliver a comprehensive security awareness program using this series' 1- or 2-year program plans.
If you’re like many others, the COVID-19 outbreak has you suddenly working remotely. Keep these tips in mind to avoid an outbreak of malicious cyberattacks.
The coronavirus outbreak is leading numerous organizations on a scramble to develop plans for staff to work remotely. Companies hoping to keep employees safe and stop the spread of the disease — while maintaining regular operations — have to look beyond simply sending staffers home with a laptop. Practicing good cybersecurity hygiene to prevent exposing the business to a cyberattack is as critically important in a home working environment as in the office.
Infosec, a leader in cybersecurity education and security awareness training, collected this set of tips to share with your colleagues and friends to stay cybersecure when working remotely:
Security awareness is the first order. All the security tools, strong passwords and remote worker precautions in the world won’t help unless you have a solid foundation in security awareness. Identifying phishing emails and avoiding clicking on malicious links may be your most important first step whether working from home or the office. Here are recent articles from the Articles & Research section of Infosec’s website:
Be safer with strong passwords. Don’t develop a false sense of security because you are comfortably snuggled up at home. Many people don’t practice the same strong password habits on their personal home devices as they do at the office. Add a strong password and two-factor authentication to your Wi-Fi and the router, plus any other personal devices.
Know what needs to be protected. Jot down a list of everything you don’t want falling into the wrong hands and determine a security arrangement for each. Paper notebooks and folders. Company phone. Company computer. Portable hard drives. USBs. Contact lists. Customer lists. You probably have more than you think.
Using public Wi-Fi. Not recommended. Everybody should know the danger by now, yet 81% of recent survey respondents said they still use public Wi-Fi. If you are going to use the unsecured public network at your local coffee shop or library, think twice about exposing your company’s private information this way.
Ramp up your security awareness. While browsing the web and checking your email, be on the lookout for a tidal wave of malicious sites and emails designed to play off your COVID-19 related anxiety.
Guard your login credentials. When working remotely — especially in public spaces — take care to guard your login credentials. If they are seen or shared accidentally, you’ve made tracking down illegal access very hard for the security team.
Be a VIP with a VPN. Many companies have a VPN (virtual private network) as part of online protection packages for remote and traveling staff. For those not in the know, a VPN provides a secure, encrypted connection that tunnels data directly to its destination. If your company doesn’t have one, talk to your boss. VPNs for home use run between $5-$12 a month.
Be smart and ratchet up your security outlook. Keep your family and friends from using your work computer. Install an antivirus program in your home system. Get a copy of your company’s security policy and follow it. Lock up or shred confidential documents — don’t toss them in your home recycling bin. Don’t leave your laptop, documents or other devices in your car. Keep track of your smartphone.
These common-sense steps will make you look like a security pro. Infosec has built a free Remote Working Awareness Kit full of posters and email templates designed to help you spread the word to your colleagues and teams. Good luck and stay safe!
See Infosec IQ in action
In this Series
- Be cybersecure when working from home
- Tax scam season: How to protect your data from common scams in 2024
- Security awareness for kids: Tips for safe internet use
- Celebrate Data Privacy Week: Free privacy and security awareness resources
- Consumer data, who owns it and who protects it?
- Human error is responsible for 74% of data breaches
- What is a social engineering attack?
- Biggest cybersecurity mistakes by large organizations
- 4 common social media scams (and how to avoid them)
- From theory to practice: Designing a successful security awareness training program
- Understanding cyberattacks: Types, risks and prevention strategies
- Securing digital frontiers: The importance of information and IT security awareness training
- Optimizing your corporate security awareness training: Strategies and techniques
- What is security awareness: Definition, history and types
- Top 10 security awareness training topics for your employees in 2023 and beyond
- AI best practices: How to securely use tools like ChatGPT
- Connecting a malicious thumb drive: An undetectable cyberattack
- 5 ways to prevent APT ransomware attacks
- 4 mistakes every higher ed IT leader should avoid when building a cybersecurity awareness program
- ISO 27001 security awareness training: How to achieve compliance
- Run your security awareness program like a marketer with these campaign kits
- Deepfake phishing: Can you trust that call from the CEO?
- Fake shopping stores: A real and dangerous threat
- 10 best security awareness training vendors in 2022
- How to hack two-factor authentication: Which type is most secure?
- Malicious push notifications: Is that a real or fake Windows Defender update?
- Free Cybersecurity and Infrastructure Security Agency (CISA) ransomware resources to help reduce your risk
- How IIE moved mountains to build a culture of cybersecurity
- At Johnson County Government, success starts with engaging employees
- How to transform compliance training into a catalyst for behavior change
- Specialty Steel Works turns cyber skills into life skills
- The other sextortion: Data breach extortion and how to spot it
- Texas HB 3834: Security awareness training requirements for state employees
- SOCs spend nearly a quarter of their time on email security
- Security awareness manager: Is it the career for you?
- Risks of preinstalled smartphone malware in a BYOD environment
- The ROI of security awareness training
- 5 reasons to implement a self-doxxing program at your organization
- What is a security champion? Definition, necessity and employee empowerment [Updated 2021]
- Excel 4.0 malicious macro exploits: What you need to know
- Worst passwords of the decade: A historical analysis
- ID for Facebook, Twitter and other sites? Not so fast, says security expert
- 3 surprising ways your password could be hacked
- Fake online shopping websites: 6 ways to identify a fraudulent shopping website
- All about carding (for noobs only) [updated 2021]
- Password security: Complexity vs. length [updated 2021]
- What senior citizens need to know about security awareness
- 55 federal and state regulations that require employee security awareness and training
- Brand impersonation attacks targeting SMB organizations
- How to avoid getting locked out of your own account with multi-factor authentication
- Breached passwords: The most frequently used and compromised passwords of the year
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
Security awareness
Tax scam season: How to protect your data from common scams in 2024
Security awareness
Security awareness
Celebrate Data Privacy Week: Free privacy and security awareness resources
Security awareness