By Tapan Jatakia, Student and Cyber Security Practitioner, Computer Science & Engineering Department, DIT University, Dehradun
The SARS-COV or COVID-19 commonly known as Corona Virus has facilitated, rather, forced many office workers to remotely work for their respective organizations. Professionals working from home do experience many pleasant surprises as well as enjoy working remotely, however, they do face quite a lot of issues especially with respect to Information and Cyber Security; which has led malicious cyber threat actors to take undue advantage of this COVID19 lockdown situation and target those working remotely.
We are recommending the following 10-point checklist to be followed by every employer and employee to make their remote working experience safe and secure:
Physical Security Enabled Environment: Choosing a physically secured environment is of utmost importance while working from home. The employer or employee, as well as freelancers delivering online video conferences and presentations, must choose a well ventilated place in their home while sitting in the backdrop of a wall or put up any uniform colored plain cloth in the background so to not disclose any PII (Personal Identifiable Information) when connected online. Malicious actors always are looking for any PII that is disclosed during such video conferences. Also, make sure that no-one except you can access your laptop and desktop system while you are working remotely to facilitate working isolation and maintaining focus on your work. Do not connect to any public networks for your personal or enterprise related work.
Wi-Fi Security Enhancements: Make sure to configure your Broadband Router’s WiFi Security at WPA2. All the vendor default credentials across your Routers, Modems, Cellular WiFi hotspots must be changed and something sensible must be generated that you can remember and write down somewhere. As you are working from home, it would be appropriate to configure separate Wi-Fi networks and reserve the Host Network for the Employees-Employers while opening the guest nfor the rest of the family members to facilitate data transmission isolation across WiFi networks and avoid any in-transit bottlenecks and clogs.
Communication Platforms: Zoom, TeamViewer, Microsoft Teams, Slack, Discord, Whatsapp, Wire, Wickr, Telegram have been the most popular choices while communicating remotely across Teams.
Avoid cross-connections between work life and Personal life: For the employees who have been provided work equipment, do not use any work equipment to log into your social media accounts as far as possible while also do not perform any kind of personal activities of interest on company-issued devices and appliances. Isolation between work and home is very much required while working remotely or working from home.
Beware of Suspicious Content: The COVID-19 epidemic has led the malicious actors to take undue advantage of the situation and send phishing emails across the globe imitating the emails as if they are from the local government authorities containing Forms to befilled regarding personal details or some sort of providing your work related details.
Avoid Panic, Hoax emails and messages on Social Media: Follow your respective local and regional Government broadcasts, rules and regulations rather than believing in the various random unverified messages on social media being spread by malicious actors.
Privacy: Make sure that you lock your Zoom Meeting Room after the desired number of participants enter into the meeting as well as make the Participant joinees wait in the Lounge in Zoom Meetings and only after validating their request allow them to join. During the video conference, keep checking your participants and their activitiesin the common chats.
Cover your Webcam: Covering the webcam with a dark-colored tape is quite old but yet effective in disabling the accidental disclosure of PII. Remember the Snowden movie? Connect over to employees, colleagues, teammates over a phone call or audio call as much as possible which restricts the number of video calls using the webcam.
Device Security measures: All your company-issued devices must have security features enabled such as screen locks after 10 seconds of inactivity, logging off or shutting down the device when not in use to prevent from any accidental or inadvertent utilization by family members.
Ensure Secure Transmission Lines: Enable the various security features provided by the vendors and OEMs in your devices and utilise them for your safety and security while working remotely. Instill trust in the family members only up to the point where your work environment does not get intentionally or unintentionally interfered with or infringed. Employees usually are in perfect work isolation environment when they work with complete dedication at their respective workplace desks. When these regular office workers work from home, less likely they get such a dedicated corner in their humble abodes to work and often quite a lot of distractions emerge which must be resolved along with maintaining a balance between office work and personal life.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]