Working Remotely From Home
There’s a new group of employees working from home now.
People who have worked in an office, maybe for years are finding themselves working in their home, required to do the same job they did in the office with their co-workers where they shared coffee pots and break room snacks. In many cases that was Friday...but Monday, they are told they will be setting up at home. Lugging equipment the IT staff; (if there is an IT staff), sent home in the back seat of their car, the somewhat disconcerted employees are now faced with setting it up and connecting it in a way that best works in its newfound environment.
Besides having to email people you used to “talk” to, keeping the family pet away from wires, possibly having much slower, undependable internet service, “or no internet service”, the move can be taken in moderated stride.
But, what of the enhanced security the equipment used in the office? What of the little black boxes that were there to make sure no important data got to the bad guys? What of the UPS in the office. UPS...what...? “That little battery backup that was there to keep the internet going in case the power went out.” What of the friendly IT person that either came by your desk to help out when things got jammed up? Well they can still look into problems remotely anyway...that’s good.
Home! The home work environment can be pretty neat! Nothing more comfortable than being in your own house...right? But there’s a plethora of things within this new work environment that readily enable themselves as distractions to the business of making a money. Anything from “what was that noise”, to pest control people, pets, relatives or friends “just checking in” because they know you’re working at home now and must have time to chat. With any change, there must be adjustments. Now you can pick from several things to have for lunch, and the dress code...well it can be relaxed a bit. After all, it is nice to NOT travel to and from the office.
But, to the work at hand...
Earlier, I mentioned security, with regard to the office versus your home. Chances are; if you work for a company with regulated security, like HIPPA, FERPA, and the like, the IT staff has built in some protection in the system they sent home with you. That’s not always the case though. In many instances, the relocation of workers came quickly, with no meetings or conversations about how to best secure information there.
There is an entire science, business, and philosophy around data security. That’s good, because the potential opportunity for bad actors pervasive. So the real question is...”what can we do, as work-at-home employees to help protect the job we need, want, love”?
Here’s a short list (minimum) of things that may prove helpful.
Personal devices - Don’t use personal devices to perform work for the office (unless expressly told to do so by the office)
The equipment they sent home with you almost invariably belongs to them, and has protections within it that your personal devices do not. If a hacker breaks into your laptop, they may get your credit information (not good), but if they get into the office’s system through your laptop, they could get many, maybe thousands of people’s credit information (not good at all).
Email scams - A tip on Phishing and email scams – Take notice of the sender’s email address and look for poor grammar in the subject line and email body. Hover over (but don’t click) on email links to see the URL, unless you trust the link and sender 100%. If anything about it is suspicious, contact the sender via phone or email address (other than linking from the suspect email). If you click on a link, be aware of any dubious questions, misleading comments, misspelled words, lack of “about, or contact pages”, or poor grammar, etc. In almost all cases, if you are approached by someone who says they need your personal information .
Beware of those asking you to renew or replace your password (even if the request is from a known source). Call, or in a new email or text, send a message to someone you trust with the company and ask them if the request is legitimate.
Some scammers will actually pull a name from you address book or email cache and use it, pretending they are someone you know. Beware of this scheme. It’s used often. If the subject line or body of the email doesn’t look “right”, then don’t act on it. Again, contact the person you know in a different way to discover if they sent the questionable email.
Internet Connection - Be sure your WiFi connection is secure. The internet connection at your home is a personal responsibility unless it was installed by the company you work for. Most home users simply connect and use the internet without going the extra steps required for added security.There are steps to this that vary by both equipment, and software manufacturers, and versions. You can check your internet service provider’s website to get support on how to update modem firmware, add or change the password, and IP address.
Many PC’s and laptops have software to check for internet connection vulnerabilities, and most have built-in firewall software. There are online services that may provide “enhanced” protection and/or security checks. Some charge monthly fees, other may not. Here is one company who provides various security platforms for internet connection/use. https://www.fortinet.com/. Others are out there, but it’s a good idea to check with your company’s IT staff. They’ve probably researched this in depth.
Anti-Virus - Be sure anti-virus is up to date and working, and (turned on). If you’re using your own computer for work now, you will want to be sure you have anti-virus software operational at all times. Be sure to set up the update feature so that it updates automatically, or schedule a time to update it manually every day. These days, most anti-virus software doesn’t seem to slow your computer down as in the past, because of improvements in both computers and anti-virus software.
Backing Files Up - Be sure to back up all important files regularly (on a schedule). For your work data, this is done automatically by some companies, so you’ll want to verify, but it’s just good for anyone to back up their important computer files on a scheduled basis. Companies generally back their files up to a server or cloud. You may want to back you files up to a cloud, or physical device. There’s no problem until something bad happens with your computer, and then...there is.
Passwords - Use strong passwords – “and not across multiple accounts”. Some people still use the same password they have used for years, and use the same password for many accounts. No doubt, with the need to have a password for virtually any account these days a person’s imagination for new passwords is tested. But, a strong password is very important in the defense of both your personal and work data. What is a “strong” password? A password using upper and lower case letters, numbers, and special characters, and a minimum of 8 characters can require trillions of “guesses” by a hacker’s computer before being determined. This can be done, but takes a lot of computer power and time, so it’s not nearly as attractive as a password such as “admin”, or “password”, or your birthdate. This article from Microsoft may be helpful in establishing a good password strategy. https://support.microsoft.com/en-us/help/4026406/microsoft-account-how-to-create-a-strong-password.
VPN - Consider using a VPN “Virtual Private Network”. A VPN essentially encrypts the data transfer generated by a computing device. These days, businesses almost always use a VPN for their data transfer, and there’s a good chance you company does too. It has become more common to use a VPN at home to protect communication. Because of this, the price and complication of its application has been reduced dramatically. Free versions are available, but may include ads, or other nuisances. Monthly trials are available for free, and offer a relatively low monthly price thereafter.
Updates - Install software updates regularly. Automatic updates are the best, but if you choose manual updates, then put them on a daily schedule. While software “feature updates” and “patches” are components of updates, so are security updates. Updates are also available, for either automatic or manual download for browsers such as https://www.mozilla.org/en-US/firefox/new/.
Power Backup – Earlier I mentioned a UPS. An uninterruptible power supply is almost always used by a business in order to be sure the system powered in case of a utility power outage, at least for long enough to properly shut the system down. At home, your laptop will have a battery that will likely power it through a short utility power outage. But...if the WiFi modem loses power, no internet. This can be remedied by connecting the modem to a small UPS. Doing this will power the modem during utility power “blinks” and short power outages. Eaton provides good quality UPS systems from desktop sizes through systems to backup entire server rooms for large companies. 1PointUSA represents Eaton UPS systems and will be pleased to help you determine the one which will best suit your requirement.
Now that we’ve covered the “short list” of things you might do to help secure your at-home device, there are a few things you might ask your employer about. As a minimum, they should:
Provide information on how to handle Emergency or suspect activities. Provide contact information to remote users.
Provide authentication procedures and secure sessions
Provide adequate support in case of problems
Review restricted access points on their system. Be sure they are properly restricted.
So; as of setting up your office at home, you’re responsible for both your data and your employer’s data. Nothing has changed in that regard, but now you just want to be sure you don’t provide any “open doors of opportunity” for those outside your circle.
Who knows how things are going to be long-term? Many employers may find that some employees working from home is beneficial and, some employees will likely return to the office. But, as of the recent employee migration, it’s almost certain more will be working from home than before. For some, it will be the best thing ever, for others maybe more of a challenge, but it will be a learning experience for everyone involved...and maybe...just maybe this is good time to step back a see how things might be better going forward.