How To Protect Your Home Office From Cyber Crime
Working remotely has plenty of advantages, but when it comes to cybercrime you are more vulnerable. In an office, security pros and the IT department employ numerous tools to keep you safe. When you’re away from the office, it’s different. That fact hit home for many East Coast motorists as this spring’s devastating Colonial Pipeline hack was linked to a single compromised password –– one that allowed its employees to remotely access the company’s network. Although offices face cyberattacks as well, if you’re working from home, you’re more exposed.
Recently the Cologne Institute for Economic Research estimated that after employees began working from home in 2020, cyber attacks cost German businesses $62 billion worth of damages. A report from cyber security firm McAfee and the Center for Strategic and International Studies estimated that the cost of cybercrime consumed more than 1% of global GDP last year –– close to one trillion dollars! Surveying 1,500 tech professionals, the report discovered that only 44% of respondents have plans to either prevent or respond to cyber incidents. As Cologne Institute for Economic Research researcher Barbara Engels explained to Bloomberg, “Too often there were no company laptops, no training courses and no security concepts.” Hopefully your company is different. That doesn’t let you off the hook completely as there are still steps you should take as an employee. However, freelancers really need to take cyber security seriously. Your computer is not just the tool of your trade. It likely holds a wealth of privileged information about you and your clients as well. Here’s how to protect your home office from cyber crime.
The Neglected Router
Remote working employees often had their systems installed and vetted by their company’s IT team. Even if you enjoyed this privilege, that was 18 months ago. Your system needs a check-up.
Whether you are an employee or a freelancer, your system’s greatest vulnerability could be its router. You likely use a consumer internet provider which offers less robust security than commercial grade options. Added to this risk, if you’re like most people you never changed your router’s factory settings. Hackers rely on this. They often have the codes and tools to defeat those settings. If your router is a few years old, you should consider replacing it. Either way make sure all of your router’s security settings and firewalls are enabled.
Ideally, your tech equipment was provided by your company but with many small businesses it’s “BYOD” –– Bring Your Own Device. If that’s the case (or you’re freelancing,) consider getting a MAC filter which will allow you to prevent unauthorized access to your network. This can be challenging if you share internet access –– as in a housemate situation. And while we all love free wifi at the local coffee shop or fitness center, using public internet increases your exposure.
Don’t Pass on Passwords
Passwords are a bane for many of us. It always seems like companies are demanding we update them when we’re in a hurry or distracted. This tends to mean we wind up using the same or similar ones for our social, email, and financial institutions. Signing in with Google or Facebook or storing passwords on your browser isn’t ideal either. So if you’re wondering how to protect your home office from cyber crime, the first step is to take some time this week to review your passwords. Then consider using a well-reviewed password manager like LastPass or Keeper Security. If you’re an employee, you may already have these but those who are self-employed owe it to themselves (and their clients) to set up a password manager. Think about how much harder it will be to make a deadline if your system is frozen during a ransomware attack.
I’ll admit that two-factor authentication is time consuming and I’m looking forward to security that doesn’t involve dealing with texts or multiple devices. Plus, it’s not practical for something where you have to log in several times per day. However, for anything where you are logging in at the beginning of your work day, enabling that extra bit of security is ideal.
Your laptop, tablet, and desktop should also have unique passwords. Even if you live alone, other people will eventually come into your home whether they are housekeepers, the exterminator, or a distant relative. Don’t make it easy for a criminal to peruse your personal files or data.
Phishing attacks are the primary way large companies are breached. Even the most expensive security systems with the best features and firewalls are rendered useless when a single staffer clicks on a link or downloads a dodgy file. According to the FBI’s Internet Crime Complaint Center, phishing and spoofing attacks were the most common cyber crime in 2020 with almost one-quarter of a million victims and $50 million in losses nationwide.
The criminals keep getting craftier. I received an email from “PayPal” warning me that my account was frozen. The body looked exactly like their emails with the distinctive blue background and large letters. It’s easy to see how someone might fall for it if they were tired, anxious, or just not paying attention. However, looking at the source of the PayPal warning revealed a G-mail address with a huge line of letters and numbers. Email providers offer users a way to report these, which I did. This type of spoofing –– where communication from an unknown source is made to look like it’s from a known, trusted source ––– is easy to fall for. Keep in mind this hit my inbox despite a raft of stringent security measures that occasionally blocks a legit email.
The bottom line is if you receive worrying communication from a financial institution or other trusted source, open a new window on your browser and log in from there. Don’t be afraid of looking silly or paranoid. If something seems suspicious contact your IT department or your bank. Don’t click on a link. Ever. And only download attachments from trusted emails –– and with online systems like Google Docs the need to open attachments decreases daily.
Keep your data backed up on a separate flash drive and in the cloud. Your computer system is likely your primary way of earning a living. Given our current world it may also be your main way of communicating with loved ones. You owe it to yourself to keep it safe.