COVID-19 – a pandemic that has dramatically altered the corporate landscape. As the pandemic continues in full swing and shows no signs of abating in the near future, companies across the world are taking various steps to protect their human capital and ensure business continuity; one of the most widely-implemented measures initiated by organizations to combat the effects of COVID-19 is allowing their employees to work from their homes.
A Work-from-Home (WFH) policy helps personnel of companies work from the safety and convenience of their homes, considerably minimizing the risk of getting infected by the COVID-19 virus. But, it is also creating a serious problem – ensuring the safety and security of data. Cyber-criminals are targeting the computers of many people working from home, and this is a cause for grave concern.
In this article, we’ll examine why cyber-criminals are attacking employees working from their homes. We’ll also see how we can protect ourselves from the nefarious designs of these malevolent people.
Why are cyber-criminals targeting people working from home?
Cyber-attacks are not a new phenomenon. For years, companies have invested billions of dollars to build secure networks to protect their data from falling into wrong hands. They’ve erected ultra-strong firewalls and use impenetrable Virtual Private Networks (VPNs) to connect with the wider world. Network administrators of business organizations constantly monitor the performance of firewalls and VPNs and take various measures to ensure data safety. These initiatives go a long way in foiling the designs of cyber-criminals.
But, things are very different when it comes to computers of individual employees. The robust security measures that protect the data in the servers of companies are not (and cannot be) implemented by the employees. This allows cyber-criminals to target computers of the employees with relative ease.
How can people working from their homes avoid falling prey to cyber-crimes?
They need to focus on the following aspects to thwart the attempts of cyber criminals and ensure the safety of their data.
Secure your passwords
It is well-said passwords must be treated like toothbrushes. Don’t share them with anyone and change them frequently. Given below is a list of best practices to ensure your passwords can’t be cracked.
- The password must be hard enough to guess, yet you should be able to remember it. A good way to do this is use the first letters of a line of your favorite song and include numerals or special characters. For instance, you can use the line Do you know the way to San Jose? from the song of the same name and create a password – DYKtwTSJ.
- Add a combination of numeric and special characters to text to make life more difficult for cyber-criminals. Staying on with the Do you know the way to San Jose? example, you can add the characters 2020%& to DYKtwTSJ to create a near unbreakable password — DYKtwTSJ2020%&. Remember, the longer and more complex your passwords, the more secure they are. Make sure to create a password of at least 12 characters.
- NEVER write passwords on a piece of paper or store them on your computer. There is every chance they’ll fall into wrong hands.
- Don’t use characters from the usernames used for logging into online applications and your name in the passwords.
- Avoid using names of sports such as baseball, hockey, soccer etc. in your passwords as they can be easily cracked. They’ll make the job of cyber-criminals very easy.
- Make sure you don’t include words or numbers which can be guessed very easily. For instance, never use the names of your loved ones and pets and the brand of your car.
- See your passwords don’t contain words listed in dictionaries. For instance, there is a good chance of the password Rhapsody2834 getting cracked, as the word rhapsody is listed in a dictionary. Cyber-criminals use sophisticated software to break passwords, and their work will become a lot easier, if you use words listed in dictionaries. Likewise, avoid using terms in encyclopedias and holy texts such as The Bible.
- Don’t use a series of consecutive letters such as abcdef in your passwords. In a similar fashion, avoid using consecutive digits such as 34567 or consecutive keyboard characters such as asdfgh.
- Ensure there are no blank spaces in your passwords.
Use the latest versions of software applications
Try to use only the latest versions of software applications; if this is not possible, at least make sure you use the versions currently supported by the applications’ developers. This is because the developers of software applications come up with updates, popularly known as patches, to fix vulnerabilities; these updates can be used only on versions supported by the applications’ developers. Make sure you install the patches released by the applications’ developers to prevent bad guys from wrecking havoc with your computer.
Take multiple backups of data and store them at different places
Data backups are critical to ensure the security of your data. Make sure you create at least two backup copies of your data and store them at different places; a copy can be stored at in an external storage device, while the second can be stored in the cloud. This will help you retrieve the data easily, if you fall victim to data larceny.
Don’t operate your computer as an administrator
A computer will allow you to login as an administrator or a limited user. If you login as an administrator, you’ll have unlimited control over the computer and can even install and delete software. On the other hand, limited users can perform only the tasks that they are expected to handle; they don’t have the authority to set up and remove software. It’s advisable you don’t log into your home computer as an administrator. This is because if a cyber-criminal takes control of the home computer, while you’re logged in as an administrator, he will have the power to do whatever he wants. You don’t want evil people to destroy your computer. Do you?
Always remain alert
Cyber-criminals are acquiring new capabilities with each passing day. You need to be always alert and should never be complacent. Here’re a few points you should never forget.
- Always access your work-related applications using a VPN
- Anti-malware applications alone cannot ensure 100% cyber-security
- Don’t open emails or messages from unknown or suspicious persons
- Use your common sense; don’t fall bait to phishing emails and messages and share confidential information
At Solunus, our employees pay utmost attention to the aspects listed above, to ensure they don’t fall victim to unscrupulous cyber-criminals. As a cyber-security expert rightly remarked, “Security in IT is like locking your house or car – it doesn’t stop the bad guys, but if it’s good enough they may move on to an easier target.” Don’t you think so?
Solunus, a North-American based Salesforce Partner, prepares businesses for their next-generation customers. Established in 2014, we simplify Salesforce for you to build more meaningful customer relationships. We partner for a win-win arrangement with a clear ROI that the client realizes by the end of the engagement. Our 350+ years of cumulative industry exposure and Salesforce experience underpin our position as the right Salesforce partner. We are a team of Salesforce Certified Professionals, CRM Architects, and certified Agile Scrum Masters with a passion for making a difference.
About the Author:
Sathiyamoorthi has more than 10 years of experience in the IT Industry, His area of expertise are IT infrastructure development and management, network and cyber security, business continuity planning and delivery of IT services. Sathiya is adept at managing Cisco Unified Communications systems.
He is a Microsoft Certified IT Professional (MCITP) and Certified Ethical Hacker (CEH). Sathiya also holds the Cisco Certified Design Associate (CCDA), Cisco IP Telephony Design Specialist (CS-CIPTDS) and Cisco Express Foundation Design Specialist (CS-CEFDS) certifications.