Throughout South Florida and around the country, many businesses remain unopened or have employees working remotely during mandatory or, at this point, elective shelter in place conditions. The IT requirements of you and your remote staff members necessitate a new set of procedures and habits to maintain the security of your company network and data. The following is a suggested checklist of 18 important things you and your staff can do to maintain the security of your South Florida IT services and infrastructure for remote employees.
1) Take pictures of your setup before you unplug and move your computer to your remote work location.
At home, your IT help desk won’t be with you to reconnect everything. By taking a few quick pictures of where things are plugged and arranged can save you hours of frustration later. It is always smart to use an approved cleaning agent to wipe things down before you disconnect.
2) Install updates.
Especially if you’re working from a computer you own but don’t normally use for office work, be sure to check that all updates and patches to Microsoft, Adobe, and other critical software
applications have been installed. We understand that updates take time and it’s much faster to click ‘Remind Me Later.’ However the vulnerabilities presented by out-of-date software are the ideal entry-point for a hacker. You must protect the company data that you are accessing from home and can help to keep it safe by ensuring your software is up to date.
3) Update antivirus and anti-malware tools.
This may seem obvious. These tools are absolutely essential and are designed to reduce risk and keep your computer safe from threats that want access to your company data. However, just like your office tools, it’s easy to postpone important updates—ultimately leaving you at risk. If you’re using a home computer for work and do not have an enterprise-level antivirus and anti-malware solution, talk to your IT team for help acquiring and installing licensed, approved security softwares to use while working remotely.
4) Remove unnecessary softwares from your personal computer.
If you are using a personal computer, review the softwares you’ve installed to look for tools that you and your family no longer use. You should uninstall those softwares immediately. Unused softwares usually aren’t being updated or patched. Those patches prevent hackers from penetrating your computer. By removing unneeded or unused programs, you will have reduced that risk. If you don’t know how to do this, contact your help desk or South Florida IT Services provider to allow someone remote access to your computer to help with this.
5) Use your company’s virtual private network (VPN) at all times.
We understand that it’s just one more thing that takes time out of your day before you can work. Logging into the VPN is a lot like putting on your seatbelt when you get in the car to drive. That extra moment it takes could be the moment that saves your life, or in this case your office network from an attack. Do not forget to log back into the VPN every time you log on. It’s easy to put your computer to sleep when you walk away to grab lunch or take a break only to forget you’re no longer on the VPN.
6) Turn off any automatic connections to your Wi-Fi.
One way for hackers use to gain access to your computer is Wi-Fi spoofing. For example, let’s say you routinely connect to ‘Mom’s Wi-Fi’ and to save time you just click the button that says,‘Connect Automatically.’ A hacker can set up a portal called ‘Mom’s Wi-Fi,’ and your computer may unknowingly connect to that portal because it has been identified as a safe network.
7) Create your own network.
If possible, connect your computer to a different network than the rest of your home/remote location. It may be possible to use the company VPN to create that secure connection. If you are more technically able or have the IT help to do so, separate your company computer from the rest of the computers in your remote work location with a different router or firewall. Or if your mobile data plan gives you unlimited data, you might consider using the hot spot on your phone rather than a guest network or your home network.
8) Lock your computer.
When you aren’t using your computer, just as you likely do at your office, lock the computer to keep family members from accessing your computer. You should, as a rule, only use your company computer for business use. While it may be easier to use your company computer to surf the web or order takeout, do your best to limit personal use and do not allow friends and family to use your work computer. Something as seemingly harmless as a local restaurant’s takeout menu could end up hosting a malicious file that exposes your computer to malware.
9) Create different user accounts for family or friends.
If you need to use your personal computer for work, create a unique user profile for you that is different than others who may use that same computer. This will ensure that others are not able to access company data or create unnecessary vulnerabilities to your profile and network.
10) Use a password manager.
If your company offers a password manager, you should always use it to create and store passwords. If they don’t you can acquire your own (i.e. Keeper, Roboform or Dashlane) for a reasonable annual fee. You want to avoid saving passwords in the browser that can be easily swiped. We know it’s easier to save them in forms for quick retrieval or use the same passwords for different sites but that comes with a significant risk. Password management tools offer the creation of highly complex passwords that can be easily saved and reused through an ‘auto-fill’ function so you don’t have to write anything down or remember them. You will only need to memorize and use your ‘master password’ to gain access to all other passwords. You should also try to use two-factor authentication where it is offered. Sacrificing the convenience of saved or repeatedly used passwords is well worth it to avoid a security incident and loss of data. By the way, using a spreadsheet to save passwords isn’t much better than saving them in the security form fields so always use a secure password management tool to be safe.
11) Ask your IT team about securing the DNS settings on your computer.
Your South Florida IT Services team will likely have software or a tool you can use on your home computer that will help keep you from mistakenly going to the wrong places that invite viruses or hackers.
12) Update your softphone software.
You may very well be using your cell phone for office use via an app that connects to your office VoIP phone system. If set up correctly, this can be very convenient. However, if done without proper security measures can be exploited fairly easily by cybercriminals. If you are using a softphone system at home, again work with your IT help desk or South Florida IT Services provider to set up preventative measures to avoid hacking.
13) Establish secure browser configuration.
Google Chrome extensions can be a magnet for computer viruses. In fact, it is best not to use them at all. At the very least, make sure any extensions you are not using are uninstalled. Again, if you’re not sure how to do this, ask your IT team or IT solutions provider.
14) Use Firefox or Chrome as your browser.
Don’t up the chances of an attack by using the wrong browser. Many browsers contain vulnerabilities that can open you up to a variety of cyberattacks, ultimately leaving company data exposed. Mozilla Firefox and Google Chrome have the most up-to-date security tools that will lessen the chances of a security breach to your computer and company network.
15) Think before you act.
Hackers are looking to take advantage of you when you least expect it. You might think an email that appears to have come from your boss or CEO with a subject line that reads, “Company Coronavirus Update” or any other subject that appears to be of unusual importance may seem normal, but it may not actually be from your company. Take a moment to review who it came from (the actual email address, not the name in the display). We cannot stress this strongly enough. If the sender’s email isn’t familiar, DO NOT open the email. Also, question whether this person would typically send you an email like this.
16) Don’t be click happy.
This falls in the category of common sense but it is easy to forget while you’re in a rush or working quickly. Just because there is a link or an attachment does not mean that you need to click. If you allow your mouse to hover over the link you will see where it wants to take you. Check for the actual spelling of the domain in the area before the .com or other extension searching for anything unusual like the characters ‘1’, ‘l,’ or ‘I’ or the letters ‘rn’ instead of ‘m’ or ‘vv’ instead of ‘w.’which are often leveraged as imposter domains. More than anything you need to make a point to examine attachments or links that seem unusual in any way.
17) When in doubt: Say something right away.
You are the company firewall and the first line of defense against threats trying to invade your company network. If you run into any email that seems in any way unusual or suspicious the best thing you can do is to stop and forward that email to your IT team or South Florida IT services professional so they can review it to let you know if it is safe or not. Even if you do not intend to open any links or attachment it is better that your team knows about it than you ignore it and hope it goes away. If you accidentally did something that later you realized may have been a mistake, immediately disconnect your computer from the VPN and network and call IT right away.
18) Check with your IT team to make sure your data is being backed up!
Losing data or extensive work can be incredibly frustrating. You want to be sure that you are saving to the cloud regularly and are using settings, where possible, that autosave your work. Having a secure data backup in place, via the cloud and locally, will ensure that if anything does happen through a breach of your computer or hardware failure that your work is safe and easily retrieved. Again, make sure you discuss this with your South Florida IT services professional before something takes place so that you have a solid system in place for ongoing and secure data backup.
If you have other questions about South Florida IT Services or want to know how to protect your remote employees or your office environment from cybersecurity threats, contact User Friendly Technology Services for an evaluation. And to stay up to date on other technology related news and information, click the following link to visit (and don’t forget to Like!) our Facebook page.
