14 Dec How to keep data safe when working remotely
Work is more portable than ever, but it also presents fresh security challenges to overcome. SPA’s member of the month Moe Ahddoud looks at how to keep data safe when remote working.
Advances in technology have changed the way we work, ushering in a new era of workforce mobility. But while remote work has become the new norm for many companies, the freedom to work from anywhere isn’t without its inherent risks. When you leave the relative security of your home or office, there’s a higher chance of your devices and data being left exposed.
Here are some basic rules to help ensure you stay safe when taking work outside the office:
Be wary when using public WiFi hotspots
Connecting to a public WiFi hotspot might seem convenient, but it’s also risky. Because these networks are highly visible, anyone can connect to them, including wireless eavesdroppers. If the connection isn’t encrypted, an attacker can easily intercept data in transit between your device and the nearest access point.
Fortunately, it is possible to use public WiFi safely, provided you follow these tips:
- Verify the network – attackers often create rogue networks that look like any normal connection point. Always double-check that you’re connecting to the right network.
- Use a VPN – virtual private networking adds an extra layer of security by encrypting all traffic. You should never use a public network for confidential activities.
- Only use secure sites – when entering any confidential information, like passwords or financial details, only use TLS-secured sites (with the https:// prefix).
- Avoid shared computers – unless you’re just casually browsing, never use a shared computer for logging into any website or online service.
The above rules also apply to home networks which have open access. If your own network isn’t secured, you should change that immediately.
Restrict access to your devices
Attackers can target any device used for work, including your own, to access the corporate network. Mobile devices present an even greater risk, simply because there’s a higher chance of them getting mislaid or stolen. Whether you’re using your own devices for work or devices issued by your organisation, you’re responsible for keeping them safe and secure. However, we also realise this is more difficult when you’re outside the office.
Here are some tips to make things safer and easier:
- Use a password or PIN code – protecting your devices with a screen lock is a simple first line of defence that gives us a chance to remediate if a device is lost or stolen.
- Don’t leave devices unattended – if at all possible, never leave a device unattended in a public space. Remember, even your car isn’t a safe enough place.
- Lock your screen – get into the habit of locking your screen whenever you leave the device unattended, even if it’s only for a few minutes.
- Use multifactor authentication – especially for portable devices, you should never rely on passwords alone, since these may be compromised by a phishing scam.
If any device used for work gets lost or stolen, you must report the incident to your line manager immediately. This will give them a chance to remotely wipe any sensitive data or revoke access rights from that device.
Always verify links and downloads before you click
Mobile malware is a growing concern. Always download mobile apps only from an official store like Google Play or the Apple App Store. Even then, it’s not unheard of that malware can make its way onto these official stores.
Here’s what you need to think about when downloading software on a mobile device:
- Don’t store sensitive data on mobile devices – never download sensitive business data on a mobile device, unless it’s stored on an encrypted partition.
- Avoid using file-sharing software – using peer-to-peer file-sharing services is highly risky, since they often contain malware. Only use company-approved file-sharing apps.
- Keep your personal files separate – keep your personal files and software on your own devices, both to protect our organisation and yourself.
- Never download mobile apps from the web – with a few exceptions, it’s generally a bad idea to download any mobile apps outside the official app stores.
Finally, if you’re using your own devices for work-related activities, always make sure you’re following security policies.