Billions of people across the world are working from home ever since the coronavirus outbreak plagued our beautiful world.
If you have been entrusted with the task of setting up remote users from the scratch or one of those working from home, here are some tips on how to get up and running while maintaining the highest standards of cybersecurity.
Work from Home Cybersecurity Checklist for IT Managers
- Use antivirus enterprise wide.
- Keep all systems updated and patched.
- Require complex passwords that are long and hard to crack, ideally 16 characters or more.
- Always make use of a Virtual Private Network (VPN) in front of remote access.
- Never open Remote Desktop Protocol (RDP) to the public facing the internet.
- Always ensure users have an easy way to reach out to you if they see anything unusual or suspicious.
- Ensure employees only use IT-approved cloud services.
- Increase logging and monitoring capabilities to identify both failed and successful logins, as well as activity and access logs.
Work from Home Cybersecurity Checklist for Employees
- Watch for phishing emails.
- Always ensure that you have removed the “default” or vendor password from your wireless router.
- Make sure you know and verify the source of the email. Be especially cautious about opening attachments.
- Use a password manager whenever you can. Applications such as KeePass, LastPass, and 1Password all make it simple to login using unique passwords.
- Keep your work and personal accounts separate.
- Use anti-virus software and always keep it updated.
- Immediately report anything suspicious to your IT team.
The sale of second-hand tablets and laptops soared when comprehensive lockdown came into force. If you have been assigned the task of managing remote workers, the first thing for you is to work out what equipment employees will require and carry out a kit inventory so that last minute buying scrambles can be avoided.
If the plan is to let employees use their own equipment, it is essential that it is up to the job. For this, it is imperative to check the recommended operating system and hardware specifications to run and install the software your employees will be expected to use. In case the machines used by them are underpowered or outdated (e.g. running a very basic and old i3 processor), the user may face difficulties when it comes to running business applications at once.
Avoid ‘Shadow IT’
According to American global computer security software company McAfee, 25 percent of sensitive enterprise data that goes to the cloud is uploaded to medium or high risk applications that are not approved by their employers. This phenomenon is called ‘shadow IT’, whereby employees start making the use of software for business purposes that has not been authorized, checked, or approved by the IT department.
It is important for you to note here that employees tend to fill in the gap themselves if they aren’t given the tech stack they require along with a whitelist of approved software. This situation can possibly lead to the risk of adoption of malicious apps that can result in data theft, invasion of privacy, or other exploits.
In today’s times, a big majority of organizations are looking at team management, collaboration, and communication software for the first time. Therefore, it is critical for the IT teams to ensure that only reputable and legitimate applications are deployed. For this, all official laptops, desktops, and other devices must have multi-factor authentication and end-to-end encryption that are powered by strong, verifiable uptime statistics.
We hope that this blog on work from home cybersecurity checklist was useful to you in more than just a way.