Working from home is a key measure to succeed in reducing the spread of the coronavirus. However, it also increases your risk of being trapped by cyber criminals.
For the past weeks, he has worked tirelessly to make it possible for as many COWI employees to work from home without bumps on their road. Now, Regional IT Manager at COWI in Norway, Gjermund Tronrud, has an important message to everyone working from home:
“To help reduce the risk of the virus spreading, it’s critical that everyone that can work from home does so. At the same time, we’re also seeing a dramatic increase in attacks from cyber criminals, who are trying to take advantage of this crisis and the fact that many are working from home. Therefore, you should extra vigilant, especially when using your work PC from home.”
Here are some of his tips and advice on how to optimise security when working from home.
At most companies, you occasionally need to work outside the office, e.g., from home. That is why most PCs are configured to work outside the office. However, it is important to be aware that when you work outside the office, you are not as protected as you do when working at the office since a home network is more exposed.
That means that you must be extra vigilant when working from home, so do not forget the basic rules on IT security. Exercise general netiquette, do not connect to unsecured networks, double-check that your private network is password-protected with a strong password, and do not visit insecure websites.
Phishing or spam mail, which encourages you to click on unknown links, are common. Now, though, this type of email is becoming more frequent. We have especially seen an increase in emails that contain specific information about the coronavirus. Interpol has also warned about emails that claim to be from health authorities and try to get the recipient to state personal information or credit card information.
Be absolutely sure who is sending you emails with links. When you are sure: Consider whether this person would normally send you this type of information by email or use that specific channel. Phishing is also a way for people to claim that they are someone you know and trust.
No matter what company you work for, it has probably increased security software on employee PCs in these days to take precautions. But these updates do not necessarily take effect, unless you turn off your PC every night. So, be sure to shut down your PC every night to make sure that all security updates are installed correctly and up-to-date.
Many companies, especially in the construction industry, carry out projects that contain documents that are either subject to a non-disclosure agreement or GDPR, or that are critical or confidential. Make sure that this type of document does not end up on your private PC or outside any work PC that is part of a security regime. Keep your work PC safe and do not lend it to anyone else in your household.
Also remember that hardcopies of documents and what you say are part of information security. Not all Skype meetings should be overheard by other family members.
Most are aware of the risk of using USB-connected equipment such as memory sticks. Not all realise that USB memory sticks that have only been used for your private PC may very well contain malware without your knowledge. Malware may potentially be inactive for a long period of time before it comes alive, which means that you may not know that equipment is infected.
With that in mind, avoid using accessories that is not part of a security regime. So, do not use your private memory sticks on your work PC, which may potentially contain documents that must not be distributed.