Regardless of whether the computer is company-provided or BYOD, it is strongly advised to take the following precautionary measures:
If an employee has never used their laptop or device remotely or from home, they should ideally take the laptop home beforehand and test that all the above measures are working properly. It’s much easier to come back into the office and have problems resolved than to find out on the first day of working from home that most applications are not working remotely.
When connecting to the company infrastructure, it’s the employer’s responsibility to ensure there is enough bandwidth available to access all applications and systems. If your employees are connecting through a mobile network using a wireless modem, mobile phone hotspot or NBN connection, it’s important to be aware of the following:
If employees are connecting to work via a home wireless network and NBN connection or any other way not provided or specified by the employer, it is the employee's responsibility to secure:
There are vulnerabilities when it comes to home wireless networks and NBN connections. Here’s what they are and the actions to take:
1. Default passwords in use, including guest passwords.
Action to take: Change default and guest passwords.
2. Higher levels of security and encryption not switched on.
Action to take: Turn on WPA2 encryption. This is more secure than WPA or WEP (Wired Equivalent Privacy) because it uses the stronger AES (Advanced Encryption Standard) encryption algorithm.
Action to take: Disable WPS (Wi-Fi Protected Setup) – this is an insecure feature that makes any wireless network more vulnerable to attack.
3. Wireless network visible to any passers-by.
Action to take: Switch off broadcasting of network SSID (Service Set Identifier). Change the SSID – do not continue to use the default vendor name for the wireless network.
4. Make sure the wireless network is safe – has not been accessed by any neighbours, passers-by or any other third party.
Action to take: Enable router logs and check them on a regular basis.
5. Children accessing the home wireless network using school laptops, most of which are infected from school, other friends’ wireless networks, and/or directly from the internet.
Action to take: All machines connecting to the home wireless network must have up-to-date Antivirus or Internet Security software installed and operational (signatures up to date), monitoring connections in real time. If possible, make sure the wireless router comes with a specialised built-in firewall that adds an extra layer of protection. Moreover, switch off the wireless network if it will not be used for extended periods of time.
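An added example (not part of the original article) of the regular log check in item 4: it scans router log lines for devices whose MAC address is not on a list of known household devices. The log format, the sample lines and the allowlist are constructed for illustration; real router logs vary by vendor.

```python
import re

# Constructed sample log. The line format is an assumption; real routers differ by vendor.
SAMPLE_LOG = """\
Mar 02 08:14:11 dhcpd: DHCPACK on 192.168.1.20 to a4:83:e7:11:22:33 (work-laptop)
Mar 02 08:15:02 wlan0: STA A4-83-E7-11-22-33 associated
Mar 02 19:40:57 dhcpd: DHCPACK on 192.168.1.21 to 3c:5a:b4:aa:bb:cc (kids-tablet)
Mar 03 02:07:45 wlan0: STA de:ad:be:ef:00:01 associated
Mar 03 02:07:46 dhcpd: DHCPACK on 192.168.1.37 to DE:AD:BE:EF:00:01 (android-7f3)
Mar 03 02:31:09 dhcpd: DHCPACK on 192.168.1.37 to de:ad:be:ef:00:01 (android-7f3)
"""

# Hypothetical allowlist of the household's own devices (MAC -> label).
KNOWN_DEVICES = {
    "a4:83:e7:11:22:33": "work-laptop",
    "3C-5A-B4-AA-BB-CC": "kids-tablet",
}

TS_RE = re.compile(r"^(\w{3} +\d{1,2} \d{2}:\d{2}:\d{2})")
MAC_RE = re.compile(r"\b([0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5})\b")
IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
HOST_RE = re.compile(r"\(([^)]+)\)\s*$")

def normalise_mac(mac):
    """Lower-case and use ':' so 'A4-83-..' and 'a4:83:..' compare equal."""
    return mac.lower().replace("-", ":")

def find_unknown_devices(log_text, known_devices):
    """Return {mac: summary} for every logged device that is not on the allowlist."""
    known = {normalise_mac(m) for m in known_devices}
    unknown = {}
    for line in log_text.splitlines():
        ts, mac = TS_RE.match(line), MAC_RE.search(line)
        if not ts or not mac:
            continue  # not a device event
        addr = normalise_mac(mac.group(1))
        if addr in known:
            continue
        rec = unknown.setdefault(addr, {"first_seen": ts.group(1), "events": 0,
                                        "hostname": None, "ips": set()})
        rec["events"] += 1
        rec["last_seen"] = ts.group(1)
        ip, host = IP_RE.search(line), HOST_RE.search(line)
        if ip:
            rec["ips"].add(ip.group(1))
        if host:
            rec["hostname"] = host.group(1)
    return unknown

if __name__ == "__main__":
    for mac, rec in find_unknown_devices(SAMPLE_LOG, KNOWN_DEVICES).items():
        print(mac, rec["first_seen"], rec["last_seen"], rec["events"], rec["hostname"], sorted(rec["ips"]))
```

A household phone or tablet that uses a randomised (private) Wi-Fi address will be reported as unknown until that address is added to the allowlist.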
The following is a checklist to safely work from home.
1. Make sure the laptop is set to print at home rather than the usual place of work.
2. Keep any work and personal documents that contain sensitive or confidential information in a safe place and have a lockable secure mailbox at home. Destroy/shred all paper documents containing any sensitive personal, work or financial information – do not just discard in the bin.
3. Don’t post personal, private and confidential information online, including details that may seem harmless but could be used to guess the password. Use strong passwords for everything, meaning a short phrase that contains alphanumeric characters and symbols like %, $, # or @.
4. Store passwords securely – if they are on a mobile device or in the cloud, they are hackable. Change passwords regularly (every three to six months).
5. Limit the use of USBs – almost certainly never use any USB that is unknown or has not been scanned.
6. For all home devices (laptops, tablets, mobile phones and computers) connected to the same wireless network, especially children’s school laptops:
7. Use encryption, but before encrypting anything, keep data backed up on an external hard disk drive in a secure location to avoid the pain of losing anything.
8. Whenever using a browser for transactions, use the HTTPS secure protocol.
9. Enable browser extensions from the Internet Security Suite. Storing of browsing history can be disabled. Use the In-Private/Incognito mode for all browsers for privacy protection.
10. Be smart when travelling in public Wi-Fi zones. It is surprisingly easy to set up a rogue Wi-Fi hotspot to steal any user’s password credentials. Within minutes a reasonably skilled hacker will obtain many passwords in a busy facility.
11. Never log in to work or financial accounts using public Wi-Fi. Use a password-protected hotspot from the mobile phone instead.
12. Do not click on any links in emails that are suspicious and beware of phishing emails. Even emails forwarded by a trusted colleague may be a phishing email. Never click on any attachments in suspicious and unverified emails. Also never respond to any unsolicited emails or click on any links in such emails.
13. Only install apps on the mobile phone from the official vendor app-store (Apple, Google, etc.). Most importantly always check online first to make sure the app is safe.
14. Only download or install files, documents and/or software from the internet if they come from verified reputable sources or providers. They should be scanned by the Internet Security Suite and verified as safe before installation and/or use. The default browser may also scan downloads; however, it is best to set the Internet Security Suite to scan downloads.
15. If using the cloud, most cloud providers provide additional security features for an additional fee. The likelihood is that if it’s in the cloud, it can be hacked – not always because of cloud providers, but because the way the individual connects directly to the cloud creates a vulnerability.
If an employee makes any payments on behalf of the employer or has access to sensitive financial information, the guideline is to:
1. Keep credit cards safe at all times.
2. Check bank and credit accounts regularly and look out for any suspicious or unusual transactions with vendors or organisations.
3. Put alerts on the accounts so that text messages or emails are sent when major transactions go through the account, when passwords are changed, or when other details change, such as an address, email address or mobile phone number.
4. For all banking, enable multi-factor authentication where the bank sends a one-time use code via text message.
5. For mobile phones – protect access using a PIN.
Having proper policies and procedures in place helps employees understand their rights and responsibilities including technical support and other facilities available when working from home.