Many of us are still dealing with the effects of coronavirus and will be for the foreseeable future. Working from home has meant we can do our jobs to the best of our ability. It that also means that some of us don’t have access to company firewalls and to on-site IT technicians to help with any issues should they arise.
This has led to a dramatic increase in hackers and fraudsters attempting to maliciously benefit in a time of huge uncertainty. And although the more serious hackers have seemingly turned their attention to obtaining the COVID-19 cure, you can be certain that there are plenty of people out there looking to exploit a bad situation.
First, we’ll take a look at the best safety practices when working from home including how to correctly set up your new home working environment.
Then we’ll touch on cyber security issues you may come across and what tips we have for you to prevent them.
Here are the best working from home safety tips.
Let’s get started.
When we think of working from home safely, we immediately think about online security and while the fundamentals and safety of cyber security are critical when working from home, an often-overlooked aspect is the mindset of the individual when working long hours, often alone, and it needs addressing first and foremost.
From screaming toddlers to hours of silence, the life of the homeworker can be anything but stress-free and can often be difficult to adjust to.
Recently in fact, Finder reported that 1 in 5 people working from home in the UK say they have struggled with loneliness.
So, what can we do to avoid this and ensure we start each day correctly?
The answer is habits.
If you used to say hello to your colleagues and co-workers when you walked in to the office, get in to the habit of saying hello to them electronically. Even the simple act of setting a reminder and saying good morning to those on your team can set you up for the day. Make sure you catch up with them after lunch and before you go home.
We all make the mistake (or choice depending on what mood we’re in) of sending an email when the person is in the other office a few metres away when we know we shouldn’t but we do simply because it’s easy.
Communication is key.
Not just helping with the isolation of working from home but you may discuss changes in policy that may have otherwise been missed in a torrent of emails.
Adjusting to working from home isn’t limited to loneliness. Things like working spaces, ergonomic chairs and desks and fresh air are all equally important and should be prioritised as such.
It can come as a big surprise when you spend that first week sat at the dinner table and you can’t get up to celebrate the 5 o’clock Friday feeling because of the hard chair you’ve been sitting on for hours at a time.
Some of us will be lucky, like HMRC workers, who have been given a budget to buy a separate table and chair. Most of us won’t.
It’s a dull subject but one that needs including. From making use of cushions to taking regular breaks, try to do everything you can to make life as easy as possible. You probably don’t need me to tell you that twice.
Some quick things to consider:
- Try to avoid sitting in the same position for too long. Get up, stretch, sing, shadowbox, do whatever you want for 5 minutes every hour to break up the day, especially if you don’t have an ergonomic chair and desk available.
- Same rule applies to your eyes. Even things like having a well-lit office can make a difference to your eyes if you’re spending most of your working week in your dining room or office.
Remembering you’re not in the office
This may sound blindingly obvious and I’m sure a lot of you are rolling your eyes but it’s one that is most easily forgotten.
From simple things like leaving your phone unlocked to taking calls in the line for a coffee presents potential ways that data can be stolen and then used against you or your company so it’s always a good idea to be mindful of your surroundings.
The most important thing to keep in mind from a security point of view however, is public WIFI.
Public WIFI is a hacker’s dream and can be used in any number of ways including stealing your data, encouraging you to install malware onto your device of choice, and bypassing expired firewalls.
Simply put – if the correct steps aren’t in place then you open yourself up to a host of potential issues, data breaches, security credentials or whatever else hackers can use to benefit themselves.
But there’s a simple solution that will work in the majority of cases.
Enter The VPN.
You may have heard of a VPN or use a company device with a VPN currently installed but if not, we’ll quickly go over what it does.
A VPN or ‘Virtual Private Network’ creates a tunnel that allows all of the data you send via your device to be encrypted so even on a public WIFI you will be anonymous and secure.
Beware of Phishing attacks
According to the BBC, Google is blocking over 18 million Coronavirus scam emails per day. Some of the examples we’ve seen are staggeringly realistic as we can see from the Government inspired email below:
It can often be difficult to discern between a legitimate email and a fraudulent one and hackers haven’t chosen the current Coronavirus pandemic without reason.
That being said there are a number of things we can do to avoid phishing-style scams and the one of the best and simplest solutions is user education.
Phishing scams can be roughly broken down into two categories:
- Installing malware via clicking on an email attachment or download link
- Deceiving users to pass on sensitive information or data via a spoofed site
If you use a company laptop, you’re almost certain to have anti-phishing software installed and it’s vitally important to keep it up to date so don’t delay those updates. This extends to browser ad-ons, patches or anything else for that matter.
No software is fail-safe however, so it’s good practice to learn how to spot potential scams which can transferred to your personal life as well. A good starting point is to look for emails that contain the following:
- Grammatical or spelling errors
- Requesting personal information
- Warning or urgent content
- Monetary or reward offerings
If an email displays any of the above then flag it immediately.
It may be that you receive an email that doesn’t show any of the above criteria but something feels ‘off’ then still flag it or ring to confirm if the email is real. Your gut instinct is usually right.
Phishing is further covered in our how to minimise internet security risks page.
A recent study from Cyberark showed that 93% of people have reused passwords across applications and devices and 37% of people insecurely save passwords in browsers on their corporate devices.
The risks involved are here are great.
If you use the same password to login to your work email and use the same one to access shared files then you potentially open yourself and your employer to large-scale data breaches including sensitive information and corporate secrets.
Some publications use the phrase ‘insecure people not insecure passwords’ which doesn’t tell the full story. It’s difficult to have a separate password that ticks all the boxes for character length, numbers, capital letters for each of your logins, which is on average is 27 per person.
That’s without taking into account the new pandemic we now have to deal with.
There are a few things we can do however, one of which is a password manager.
Ask your employer to see if there is a budget to use one as many of the paid managers have advanced features but if not you can either buy one yourself or try LastPass which has the best free option out there at the moment.
Company approved communication channels
So now you should be set up at home, hopefully with a good routine, up to date software and secure passwords on all of your devices. But what if you’re on your lunch and take an urgent call asking for an important file and for speed you just use WhatsApp (or your personal email address as the former Secretary Of State For International Trade was recently reported to be using) because that’s what you used last.
Not so fast.
Without diving headfirst into the ethics of a Facebook-owned company, there are a few things worth noting:
- WhatsApps data and privacy record is awful
- Disjointed communication negatively affects productivity
- Vulnerable to malware and disinformation
Even in an emergency, WhatsApp should never be used as a way of communicating with you team or anyone employed by your company. The risks are too great for it to be a viable option which is why so many businesses are now moving to cloud-based communication.
In some ways this may seem like overkill but it’s always better to be safe than sorry.
There are any number of ways you can strengthen your online security when working from home but the steps covered above will ensure that you are protected from almost anything.