How “smart” is your home? Could you list everything under your roof that’s connected to the internet? Let’s start that list – computers, tablets, smartphones, TV, thermostat, speakers, game consoles, hearing aids… you get the idea. These are all endpoints that can create potential vulnerabilities that can lead to a cyber intrusion.
It’s not just the endpoints that could be a possible entry for a hacker, you need to take into consideration the equipment that makes up your network too, like your router and access point.
The point is that there are probably many devices using your home network and unless you live alone, you’re not the only person accessing the internet. The security of each device, and the activity of each person, has an impact on security which you can’t ignore if you have employees working from home.
How to Mitigate Home Network Risks
Remote working is going to be the norm for a lot of people for the duration of the COVID-19 public health crisis. Some people might never go back to the office full-time now that they’ve had a taste of the work-from-home life.
If you haven’t already, it’s not too late to make sure that your remote work setup is secure and that you’re not ignoring the risks presented by your employees’ home networks with these guidelines.
1. Provide Secure Access
Using VPN (Virtual Private Network) or SharePoint are the most secure ways for your employees to get to the files and software that they need. VPN is like an encrypted tunnel that protects the internet path that goes from your employee’s computer to your server.
SharePoint is a Microsoft platform that includes file storage and sharing tools. When combined with other applications like Teams, SharePoint provides a way for your employees to communicate and collaborate in a secure environment.
2. Password Management for Hardware
Remember that everything that you connect to your network should have a password. The key word here is should because it’s not always easy to figure out how to change the password on a device, and for some equipment, it might not even be possible to change the password. Best practices for passwords include the use of long pass phrases and to have a unique password for every device.
The Internet of Things (IoT) is actually a prime target for cyber criminals who want to use the computing power of the devices they take over to create botnets. A botnet – a combination of the words robot and network – is a collection of devices whose capabilities have been hijacked for illicit purposes.
3. Multi-Factor Authorization for Accounts
Good password management is a requirement for securing the web-based accounts that your employees use every day. Using multi-factor authentication (MFA) takes security a step further by requiring an additional login step that includes a physical device that your employee has in their possession, usually their smartphone.
A popular tactic of cyber criminals is to take control of an email account and from there the bad guy can get access to other accounts and even lock you out by changing your password. If you have MFA enabled, you can make sure that won’t happen.
4. Train and Enforce Security Policies
Many of the dangers of your home network can be avoided just by training employees in how you want them to behave. For example, policies can specify how employees can connect to your server and their accounts. They can also limit use of company equipment to the employee only, and not their family, and what the employee can and cannot do on the internet.
Security policies should give employees explicit instructions about where to store data. It can be tempting for employees to save files locally on their device, especially if their secure access is slow or intermittent. This practice puts data outside of the visibility of IT where it can’t be backed up or protected.
It You Connect It, Protect It
One of the themes in this year’s National Cybersecurity Awareness Month is “If You Connect It, Protect It.” As our daily lives become more and more intertwined with technology, and our personal and professional lives converge when we work from home, we need to pay attention to how we’re connecting to the internet and make security a priority, not a second thought.