As compliance with shelter-in-place orders continues, employees who are required to work from home may not have the same security protections as the actual workplace. Following simple cyber security best practices is now more important than ever before before employees can return to those offices.
With that in mind, we spoke with SMU’s CSO and Fuel Committee member George Finney. The SMU Information Technology Office recently outlined some tips for remote workers in its quarterly security update. Here are some tips That Finney suggests Fuel members can share with their employees.
Protect your home Wi-Fi. Protect yourself from eavesdropping by ensuring your home network security Settings. Check to see if it uses “WPA2” or “WPA3” security and makes your password hard to guess.
Connect to the VPN. If your company provides access to a virtual private network (VPN), be sure to take advantage of it and connect for better security.
Ensure the security of your personal devices. If you are using a device that is not issued by your employer, make sure you use a password, fingerprint ID, face ID or some other privacy protection to keep it secure.
Keep mobile and desktop devices patched and updated. Your network security team may be working on updates that become more relevant or necessary in the meantime. Please pay attention to the notices and make sure you are using the latest systems and software.
Beware of phishing emails. As more people work from home, suspicious emails are on the rise, with some even exploiting fear and isolation by pretending to offer help or useful resources. Think twice before clicking and double check the email address it comes from. Only open a file if it comes from a known source.
Protect your Zoom (and other video conferencing) meetings. When many people started using popular video conferencing platforms, “zoom bombing” — when uninvited individuals crash meetings — quickly became a problem. If you are hosting a meeting, Zoom, or otherwise, avoid Posting links on public sites. Double-check security Settings, such as features that only the moderator can let guests in, or make meetings password protected.
If in doubt, consult a cybersecurity expert. Your IT team is here to help. Rather than finding errors that compromise your security and that of your company, it’s better to play it safe. If in doubt, ask questions before taking action.