The news is full of stories of cyber attackers exploiting the fact that so many of us are working from home now. The Securious team has put together a quick overview of 6 things we think we should all be doing:
1) Enable your inbuilt firewall
Firewalls help shut down unauthorized incoming connections and provide your first level of defence. Windows and Mac machines come with decent built-in options but for Mac users they are not turned on by default. At the very least, make sure you enable them before accessing the internet from home.
2) Have up to date anti virus/anti malware
Anti malware or anti virus protects you from threats that come into your machine via the internet, email or file transfer. All machines come with a decent, free option built-in, so make sure you have it enabled. But new threats are discovered every day, which means you must allow it to update and scan your files on a daily basis
3) Use strong and unique passwords
Passwords are crucial to protecting your data.
They need to be:
- Unique – one for each account
- Long enough to be virtually uncrackable
- And Memorable (or use a password manager)
The National Cyber Security Centre recommends three random words. That’s it. Special characters are not needed, but length and randomness are. Here’s a link for more guidance on this: https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0
4) Keep your desk and screen clear (and locked)
It is important to keep company documents private and secure. We suggest you:
- Lock computers when not working on them
- Secure any paperwork at the end of each day
- Check what can be seen through your windows
5) Change default wifi passwords
Make sure your home wifi connection is secure:
- Change the default password to access Wi-Fi
- Change the router’s name (that’s what people see when looking for Wi-Fi connections)
- Change the password to the admin account used to manage the router
6) Separate your personal and business life
If you are working on your personal laptop or computer, there are a few extra things to think about:
- Set up a new user account on the device, with no admin privileges, for your work. This means, if you are hacked, the damage is contained
- Likewise, separate out personal and business accounts to reduce the chance of contamination.
- If you do not already have a corporate email account, have one set up or use a temporary account, to separate from any personal emails.
- Finally, always ensure all software is up to date
The Securious team hopes this has been useful – if you would like any more details, let the us know – email [email protected] – and we’ll try to point you in the right direction. If you are responsible for a company network you might be interested in our guidance for employers on our special resources page for home working: https://securious.co.uk/covid19/