Working from home? Don’t forget to practice good cybersecurity hygiene #WisdomWednesday
Working from home during the pandemic has brought a host of new challenges, from finding a quiet place to concentrate to figuring out a new work/life balance. But there’s another challenge that’s often overlooked: cybersecurity. Many of us are accessing company networks from home, and cyber criminals are looking to take advantage. Recently we’ve started sharing advice every Wednesday for getting through the corona crisis. This week: some tips to keep your company data as clean as you keep your hands!
#1 Practice cybersecurity 101
Let’s start with the basics. It’s important to keep all your data safe and secure. That means connecting to the internet via secure networks. Check that your home network and wifi system are secured. Open or insecure connections can allow people nearby to spy on your traffic or hijack your connection. Securely store sensitive files and dispose of sensitive data in a safe way. Also make sure your software, operating system and browser are up to date, especially your firewall software. The older your systems, the more vulnerable they are. So don’t click away those system update pop-ups!
Don’t forget to update all your passwords, and avoid the basic no-no’s there: nothing too simple or easy to guess like family names or birthdays. Go for 12-character passwords that include capitals and numbers. And don’t use the same one for everything! Sounds really complicated, we know. Luckily there are password managers to keep all your passwords in one place. All you have to remember is one “master key” password to get access to all of them.
As a founder or manager, it’s important to make sure your entire team is on board with these basics too. So make sure they all have these tips for working from home safely and securely.
#2 Communicate securely
Can’t guarantee the security of your connection? Then you’ll want to take extra measures in communicating sensitive information with your colleagues. For example, avoid exchanging sensitive info via email if your connection isn’t 100% secure. Instead, use an app that uses end-to-end encryption, like WhatsApp or Telegram. Also be careful not to share virtual meeting links on insecure channels or online. This can leave your private meetings open to everything from spying to “Zoom bombing,” with disastrous effects!
Make sure you separate your home devices from your company ones: don’t share information between them since home devices may not have the same level of security for their operating systems or browsers. If you’re sharing devices with others in your household, have separate profiles for each person protected by a password.
#3 Beware of phishing
At this point a lot of us have grown up with spam, so we all know better right? Wrong. The thing is, cybercriminals just keep getting smarter too. They’re also preying on our fear and need for answers during the corona crisis to try to scam us.
So let’s get back to basics again here as well: be careful with emails from people you don’t know. Don’t open their attachments or links, and flag anything that looks suspicious as junk. Right now be extra wary of any emails that ask you to check or renew information, even if they seem to come from a trusted source with their logo and everything. Opening attachments or links in phishing emails makes you download malware onto your device. This could allow cybercriminals to steal private data or take control of your computer.
So what are some warning signs that an email is phishy? Here are some hints: your bank is not going to ask you for your account information in an email, and neither is PayPal. Nobody credible is going to ask you for a password or any other confidential information. Anything that urges you to act immediately or suffer the consequences is a huge red flag, as is anyone who asks you to transfer funds. So is funky spelling and grammar, or email addresses that look out of place.
When in doubt, don’t take any action. Instead get in touch with the organisation through their official website or other verified contact information to follow up. You can also pass on your questions to your IT person or partner. And don’t forget, hackers can even take over your best friend’s email account. So if you get an email from someone you know that sounds strange or ask for something unusual, be very suspicious (and give them a call instead of replying).
Leave nothing to chance: these startups have your back!
Want to cover all your bases? There are trainings and solutions you can use to protect your company against malicious elements. For example, the Start it @KBC startup Phished, which helps protect your company against cyber criminals who are after your money and company data. Phished trains your colleagues to recognise all possible phishing attacks based on their individual knowledge level. They keep their phishing skills sharp with AI-driven phishing simulations sent automatically at regular intervals. Also have you heard of Sweepatic? It’s a platform that makes companies more resilient to cyberattacks by providing information on cyber security and helping customers proactively arm themselves against threats. Those cyber criminals won’t stand a chance!
Do you have any other tips for keeping your company data clean and healthy? Don’t hesitate to share them with us!