The ability to work remotely, away from the office, is more important than ever. Because of the coronavirus, working from home is currently the norm. However, working from home comes with a number of risks you need to consider. For instance, the risk of data leaks is higher due to more frequent use of insecure networks and equipment, and unwanted sharing of information with third parties. After all, information is not just data on your laptop or mobile phone, but also information you share via phone or video calls and physical documents in your home workplace. At the office, the network and computer are often managed and monitored by an IT department and documentation is securely stored. In addition, phone calls often take place within the office environment and social control is present. At home, there is little or no such control. There is also often less supervision, or none, of the use of different applications and the installation of security patches.
What can you do yourself to still work as safely as possible at home? We have listed eight practical tips for you:
- Ensure a secure connection to the company network
If you work from home, you probably use your own WiFi network. Secure this network with a strong password. This prevents others from accessing the network. If you connect to the company network, use a Virtual Private Network (VPN). With a VPN connection, the data you send over the public network is encrypted via a VPN server. Your connection to the company network is thus shielded and runs over a secure (encrypted) connection.
- Use of employer-provided equipment
Equipment such as mobile phones, laptops and PCs is often provided by the employer, making it part of the organisation’s managed resources. Often, these devices are part of mobile device management (MDM) and are thus managed and monitored by the IT department. As a result, updates to the operating system and/or applications are often installed automatically without you having to do anything yourself, and security measures can be enforced.
- Bring your own device (BYOD)
If you decide to use your own equipment, agree this with your employer first. This is only possible if a BYOD policy is in place, which includes (security) measures for using your own equipment. However, you are often responsible for updates and use yourself. Things to consider here are explained in the following paragraphs.
- Updates
Notifications to update your operating system usually do not come at a convenient time, and updates often take a long time. This is usually why updates are postponed. However, performing these updates is very important. Updates often contain not only fixes for ‘bugs’ or changes in appearance, but also fixes for vulnerabilities in the system. Check your devices for updates and don’t wait to install them. This way you avoid becoming a victim of a known security vulnerability.
- Reputable applications
Which applications do you use to communicate with your colleagues? The number of ‘calls’ has probably increased considerably, and maybe you regularly meet people outside your organisation and use yet another application to do so. There are many options for online meetings. Choose reliable applications from reputable providers such as Microsoft Teams, Skype, Google Meet, etc. Also look at the encryption used: does it comply with the organisation’s stated policy? Furthermore, make sure you install updates for all your business applications. Newly found weaknesses are often fixed with updates.
- Use a password manager
Strong passwords are important, not only for your laptop, phone or tablet but also for your applications. Explore using 2-factor authentication (2FA) for all applications and online environments that require a password. With 2-factor authentication, a second method is used to identify you. For example, when you log in to the application, an SMS with a ‘security token’ is sent to your phone or tablet. With that token, you can then log in to the application. This provides an extra verification that you are the right person trying to log in. For more on how to remember all these passwords, also read our blog: A password manager as a digital safe.
- Recognise phishing campaigns
There has been an increase in phishing campaigns that exploit the need for information about the coronavirus. Make sure you are aware of the dangers of phishing. Know how to recognise it and what to do when you receive a phishing email. There are several websites that explain how to recognise phishing, for example the Digital Trust Centre or Fraude Helpdesk.
- Be aware of where you are
Whenever possible, make confidential calls only in a room where no others are present. Do not use the speakerphone function, so that people around you cannot listen in on your conversations. Also, when opening confidential information or documentation, check whether others could read along unnoticed, and do not open it if this is the case. In addition, put confidential documents away and do not leave them lying around.
Understanding information security risks?
As an organisation, do you want to understand your information security risks? Contact us and we will be happy to help you get started.