6 Cybersecurity Best Practices for Remote Workers

One of the biggest challenges organizations face is shifting to work from home. In September 2020, roughly 60% of American workers were working from home. Security risks increase as companies shift to remote work. With organizations moving to remote work and preparing for such an environment, attackers are taking an increased interest in searching for security vulnerabilities to exploit and compromise. This article discusses 6 cybersecurity best practices for remote workers that organizations should take into consideration in order for employees to work securely at home. 

Table of Contents:

1. Use a VPN
2. Beware of Phishing Scams
3. Use Antivirus 
4. Get a Sliding Webcam Cover
5. Secure Your Home Wi-Fi
6. Be Careful of Zoom and Other Video Conferencing Software

1. Use a VPN

When you work from home, typically you will need to connect to a VPN before you can access your organization’s network. Your organization should already have a VPN in use for when employees go away on a business trip and need to access the company’s network. Remember, a VPN establishes a secure and encrypted connection between your device and the organization’s network. Many VPNs use a username and password, however, organizations should consider using smart cards with a one-time password to log into a VPN. Understand that it doesn’t matter how strong your VPN is, hackers can gain access to the organization’s network if the employee’s password is easy to guess or brute forced. For this reason, a password policy should be implemented where employees have to change their password regularly.

2. Beware of Phishing Scams

Emails are one of the most essential forms of communication amongst colleagues making it an easy target for hackers to exploit. 

Be alert.  With most email phishing scams, employees will receive an email that seems to be from your organization with content that looks legitimate. But it’s not. The contents of the email may ask the user to click on a link to fill out a form or to download an attachment. If either action is performed, a malware could be installed onto your device without you knowing. Therefore, it is extremely important that employees are educated and undergo training on how to look out for phishing emails. Employees should not click on any links or download any files from emails they find suspicious. 

Email security is equally important. To protect a remote employee’s email accounts, organizations should make sure that emails can only be accessed via the organization’s VPN. Ensure that remote employees' systems encrypt data at rest because this will protect the email data if the system gets stolen or lost.

3. Use Antivirus

Make sure that your organization has invested in antivirus software. An antivirus software will run in the background and scan for any known threats on the host device such as trojans, worms, malware, viruses, spyware, and zero-day attacks. 

4. Get a Sliding Webcam Cover

Working from home means that employees will be partaking in many video calls which require the use of their webcams. Unfortunately, hackers have figured out ways to access your webcam without you knowing, therefore compromising your privacy. They are able to view all data on your system just by hacking into your webcam. Most laptops have a webcam built into their system so, in order to protect yourself, you should get a sliding cover or tape over the webcam. If your laptop doesn’t have a built-in webcam and you use a webcam that is separate from your device, then unplug it when it's not in use.

5. Secure Your Home Wi-Fi

This is one of the most important cybersecurity best practices for remote workers which is to ensure that your home Wi-Fi is secure.You should perform the following to ensure that your home Wi-Fi is secure:

• Implement a strong and unique password for your Wi-Fi rather than relying on the default password that comes with your router
• Change your SSID (the name of your Wi-Fi network) 
• Make sure that you have enabled network encryption, there are several security methods to choose from including WEP, WPA, and WPA2; the strongest security method is WPA2 
• You can limit who can access your network based on specific MAC addresses and how many people can be on your network

6. Be Careful of Zoom and Other Video Conferencing Software

Zoom has been a popular video conferencing software especially during the pandemic, and as a result, may have a number of security risks. For example, back at the peak of Covid (March 2020), there were Zoom attacks called “Zoom-bombing” attacks where uninvited guests get access into other people’s calls. Although this attack occurred on Zoom, it doesn’t mean that it can’t also happen on other video conferencing software as well. The risks that organizations face is if hackers are able to join video calls then they can steal sensitive information about your organization, clients, and more. Consider the following tips while using a video conferencing software:

• Make sure that the software is up-to-date
• Ensure that the software has end-to-end encryption 
• Make sure that the meetings are password-protected, meaning employees can only gain access to a call if they know the password

Final Thoughts: Cybersecurity Best Practices

Organizations have had to switch over to remote work due to the pandemic which was a huge change. Before the pandemic, most of the IT team focused on protecting cybersecurity within the office. However, since the pandemic, the IT teams now need to shift their focus towards the cybersecurity threats themselves. It is vital that your organization invests in technology that can help protect your network. I cannot emphasize enough how important it is that you train your employees to learn and adopt the best cybersecurity practices for working remotely. This article only talked about six cybersecurity best practices for remote workers, but there are many more. There is always more you and your organization can do to ensure the security of remote work.