As the COVID-19 pandemic continues to evolve, Australian businesses are working hard to address the ongoing economic challenges that we are currently facing.
The Australian Government is continuing to enforce stricter social distancing restrictions to flatten the economic curve; as a result, businesses are incorporating additional remote multi-device access into their operations to allow their staff to work from home.
However, the risk of cyber threats is growing as the volume of employees working remotely is increasing.
We’ve put together a 6-point checklist to help you stay safe while working remotely:
1. Check that you’re using a secure WiFi connection
- Disable WPS.
- Enable WPA2-PSK.
- Check your password to ensure it is at least as strong as the requirements for your domain password.
- Ensure your router password is not the default, most routers come with basic passwords like ‘Admin/Admin’ or ‘Admin/1234!’ that makes it easy for non-technical people to get in…and easy for hackers to have a field day.
2. Ensure all devices are patched and up to date
Updates to device operating systems and applications are important as they include patches for security vulnerabilities that have been identified since the last update. All personal computers or laptops on your home network should be patched as well as all work devices.
3. Do not use your personal computers to connect to any of the company’s services even if you are using MFA
This also includes not connecting to email, SharePoint or Citrix.
4. Lock your company laptop when unattended
It is important always to be mindful of confidential/ client data on your work computer. Locking your device is a good practice to get in the habit of when leaving your device unattended, Press Windows key + L together or Hold down Shift + Command + Q. if you’re using a Mac.
5. Be on high alert!
There has been an increase in phishing incidents related to COVID-19; the H-A-L-T principle makes it easier to help identify and report suspicious emails:
- Headers: Check the ‘From’, ‘To’ and ‘Cc’ on all emails you receive. Look for suspicious details, e.g. misspelling, unknown address, numbers replacing letters 3 = e.
- Attachments: Do not open any attached documents from unknown sources. Consider opening attachments from colleagues, ask them to send you the document storage location instead!
- Links: Avoid clicking on hyperlinks. This is used to install malicious programs on your device automatically or to redirect you to a web page requiring you to input your username and password. Never input personal info after clicking a link on an email.
- Tone: Were you expecting this email? Is the email asking you to do something urgently? Are you the only recipient but the email is written to sound like it is a mass notification? These are some questions you should ask if you are suspicious of an email.
If you identify any of the above, then report it to your IT Team immediately. If you personally know the sender, then call them to confirm it was them that sent it!
6. Report any suspicious activity immediately
It’s always better to be overly cautious with cybersecurity, if there is a security risk you’ve identified or if you’re in doubt, it is still better to report it to your IT team immediately.
In these trying times, we must ask ‘what more can we be doing to protect and test ourselves’, as our team members are the first line of defence. If you need advice about how to safeguard yourself when working remotely, or if you need any extra security solutions, we are always here for a chat.