In response to the current COVID-19 (coronavirus) outbreak, many New Zealanders are figuring out how to effectively work from home. However, we know this will cause some security challenges for many businesses and individuals, so we have prepared some handy tips to help make your home safer and better protected from cybersecurity threats.
Important: if you (an individual or business) need help with a cybersecurity problem, you should get in touch with the team at Computer Emergency Response New Zealand (https://www.cert.govt.nz/).
Look out for COVID-19 scams and disinformation
Be on the lookout for social engineering and phishing attacks related to COVID-19 and fake IT support requests. Always be wary and use caution when reading emails or chat messages (Slack, Microsoft Teams, Facebook Messenger), when clicking on links, or when opening attachments. A good rule of thumb is to always double-check when you are asked for your personal or financial information.
Another important tip is to use trusted sources for emergency information such as the New Zealand Government’s official response site (https://covid19.govt.nz/) or your business’ intranet and official communications channels.
Working near family, kids, flatmates and shared areas
For some of us working from home is something new and we have some good tips to help you adjust to this new experience. A good goal is to try to make a safe working area that will protect the information you work with and the information systems and devices you operate and use.
- Set a dedicated work area – Physically separate your personal and work life as much as you can, so that your work becomes private and somewhere where you minimise the distractions from family, pets, and even TV.
- Keep your work area clear – Avoid leaving printed work documents on your desk and put sensitive things in a lockable drawer or cabinet when not being used.
- Lock it – Lock your computer or phone when not using it (even if you are home alone), and put sensitive things (documents, USB drives) in a lockable drawer when not being used.
- Avoid Grubby Fingers – Make sure family and friends know they cannot use your work devices, to stop them from accidentally deleting your work or installing a dodgy app.
- Keep Healthy – Your mental and physical health is important to look after and shouldn’t be neglected. So it’s a good idea to find a way to maintain communication and social interactions with your workmates (emails, chat threads, video meetups), remember to take rest breaks and get outside each day for at least a 20-minute walk and stretch (while maintaining social distancing rules of course).
Secure your home network and devices
Cybersecurity attackers are constantly looking for weakness and your home network is just another target to be compromised. You should set up your wireless network and Internet to protect it from easily being attacked and misused with at least the following steps:
- Update your router and network equipment.
- Turn on the firewall on your home router.
- Change the default administrator password on the router.
- Set a unique Wi-Fi (SSID) name and set a strong Wi-Fi password.
- Check your Wi-Fi security is set to WPA2.
You will also need to ensure that the technology you use in your home is secure and well protected, and this applies to everything from your home computer to your smart devices (TV, voice assistants), security cameras, and gaming consoles.
- Ensure your devices and apps are always up to date.
- Ensure anti-virus and anti-malware is installed and up to date.
- Turn on security features (e.g. disk encryption, firewall) if possible.
- Remember to back up your work data using your business’ systems (e.g. G Suite, Office 365, Shared Folder) or an encrypted USB drive (check with your IT team first).
Protect your Accounts and Passwords
You should always protect your work and personal login accounts, and this is no different when working from home. Beyond the standard advice to create strong passphrases, you should consider the use of a Password Manager to help you protect the 40 or more passwords most of us have to memorise. A password manager is a tool to securely save your passwords on your mobile phone or computer, and is a great way to keep passwords unique, complex, and reduces the chance of them being compromised.
We strongly suggest you also turn on multi-factor authentication (using TXT, token, or an App) for your important accounts. This should at least cover your business login, personal email (e.g. Gmail, Outlook), personal banking, and social media accounts.
We appreciate that this can be a stressful time for businesses and employees as many transition to a “working from home” environment. Security is what we do best at Axenic, feel free to contact us if you have any questions or would like to find out more about how our services can help your business security.