Nov 14, 2018
Security is hard enough when we're working from the office, with software, hardware and processes in place to minimise security risks, but it get's even harder as soon as we leave. There's hundreds of ways that sensitive company information can be leaked via remote working, from man-in-the-middle attacks when connecting to public WiFi networks, to keystroke logging malware. In today's post we share a number of things you should consider to minimise security risk when working remotely, be that from your home, a coffee shop, or the airport business lounge.
1) Use Cloud Software Whenever Possible
By using cloud-based software, you delegate a lot of the security responsibility to the cloud software provider. If you choose well respected software providers, they'll be better equipped to secure the software than you are. Local software installed on your devices are considerably more vulnerable to attack from malware and anti-viruses, although watch out for a false sense of security. You'll need to consider the points below to minimise the risk of your information being stolen between you and the cloud software provider.
2) Watch Out for Websites Not Using SSL
When you're surfing the web, watch out for any websites which don't use SSL encryption. It's easy to identify, most browsers display secure sites clearly, for example in Google Chrome, you'll see the following: Note the green padlock indicating that the website is secure, then the "https" at the start of the website's URL. If a website doesn't use SSL (https), be weary of submitting any confidential information. Not having SSL enabled means that anyone between your computer and the website you are exchanging data with can see the information you're sharing, completely unencrypted.If you're concerned about a particular website, you can use a website like this one to assess the website's SSL configuration.
3) Protect Your Devices
It's important that at the very minimum you have anti-virus/anti-malware software installed on the devices you use for work. Regular scans will pick-up undesirable applications which could be trying to steal your information, or gain access to confidential accounts you use for work. Software like this isn't fool proof, but will prevent the most common attacks, vastly reducing the risk of being exploited. An excellent free anti-virus is AVG.
4) Connect to The Web Via a VPN
Connecting to the web via a secure, trusted VPN is a great way to improve security when using untrusted networks, like public WiFi. By connecting via a VPN, you can ensure that all of your information is encrypted between your computer and the VPN - the VPN then connects with the wider web, and to any unencrypted websites. This reduces the risk of things like, e.g. someone in the coffee shop you're in trying to harvest your account login details.
5) Enable your firewall
When you're connected to the internet, you should always have a firewall enabled. A firewall prevents many basic attacks, and will alert you when something suspicious is happening. Zonealarm's free firewall is an excellent choice if your company doesn't provide you with a paid solution, and it's much more effective than Windows' default firewall. Firewalls can be a bit of a pain to setup originally, with lots of prompts to enable access to specific applications, but it's worth it, and typically requires little maintenance once setup.
6) Be Weary of Public WiFi Networks
Be extra vigilant whenever you are using a public wi-fi network, like in a coffee shop or airport lounge. Public wi-fi networks are open to lots of abuse, and you never know whether the network has been well secured or not.Whenever you use a public wi-fi network, you are vulnerable to other computers connected to the network, and also to the network managers - like a dodgy IT guy who fancies collecting people's information. If you're doing sensitive work whilst on a public wi-fi network I cannot recommend connecting to the web via a secure, trusted VPN enough. By encrypting all your communications, it eliminates a significant amount of risk.