American ExpressAmerican ExpressAmerican ExpressAmerican ExpressAmerican Express
United StatesChange Country

Cyber Security Protection While Working from Home

When you’re working from home, it’s recommended to be extra vigilant to protect against cyber security threats. Basic precautions can help keep you cyber safe.

By Mike Faden | American Express Credit Intel Freelance Contributor

6 Min Read | June 26, 2020 in Life

 

At-A-Glance

Working from home can make you a more susceptible target for cyber criminals. Experts recommend taking extra care to reduce cyber security risks when working from home.

Cyber awareness training can help you spot and avoid many threats in email and on the web.

Using strong passwords for every device and application is among the simplest and most important recommendations.

While working from home, you may be even more reliant on technology than when working in a company’s office. And, you may be more distracted, by family, pets, or other sources that can interfere with your concentration. All of which means you could become a more susceptible target for cyber criminals—and need to be extra careful about cyber security protection.

 

For many people, working from home means relying largely on online tools and applications including email, videoconferencing platforms, and web browsers. That means also being exposed to cyber security risks, ranging from phishing emails to ransomware. Furthermore, people working at home often lack cyber security protections that are provided in corporate facilities, such as a secure corporate network.

 

The good news is that you can take simple precautions to improve your home cyber security and reduce the risks. Here are some of the top ways to stay safe from cyber security threats while working from home.

 

Increase Your Awareness to Improve Home Cyber Security

One key way to improve home cyber security is simply to get better at identifying and avoiding potential threats. That’s because most security lapses are at least partly due to human error. For example, if a malicious email message evades your spam filter and arrives in your inbox, it usually can only cause damage if you mistakenly click on a link or attachment in the message. What’s more, the distractions often associated with working from home can make you more likely to click when you shouldn’t.

 

Cyber security awareness training is designed to help you learn how to spot the threats. Do you regularly receive emailed shopping coupons or discount offers? Scrutinize them closely, even if they look like they’re from a familiar retailer. Is your CEO emailing you from their personal email account with an urgent request to transfer thousands of dollars to a supplier? That may seem highly important, but it should also ring alarm bells.

 

If you work for a company that offers cyber security awareness training to its employees, be sure to take it frequently, to stay abreast of the latest threats. If that option isn’t available, there are many online sources for awareness training and tips, including the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.1

 

Reduce Cyber Security Risk When Using Email and The Web

Most cyber security threats are encountered in email or on websites, so it’s particularly important to be aware of those risks and know how to avoid them. Here are a few tips from the nonprofit Center for Internet Security:2

  • Double-check all links in emails and on websites, and don’t click if they look suspicious. Hackers may conceal a malicious link behind innocent-looking text; if you’re using a PC, hovering over the text may reveal whether the link doesn’t match the text.
  • Whenever possible, type web addresses into your browser instead of clicking on links in emails. A favorite ploy of criminals is to send emails containing URLs that look deceptively like the real thing—simply substituting a zero for an “o,” in the name, for example. If you type the address you want instead of clicking on a link, you may avoid being taken to a malicious website.
  • Enter usernames and passwords only on sites that you completely trust. Hackers often create websites that look identical to genuine, commonly used services—but are really designed to capture your information. They may then try to use that information to log in to your corporate email system or personal bank accounts.
  • Use multifactor authentication (MFA) to add another layer of cyber security. MFA applies additional checks when you sign in to an online service, to make sure that you are who you say you are. For example, if you try to log in from a computer, an MFA service would text a number to your cell phone; you have to enter that number on the computer in order to be admitted. The idea is that even if a hacker steals your password, they can’t access your account unless they have your cell phone, too.
  • If you see something suspicious, contact your company’s cyber security team, verify by other means, or do both. For example, if you receive an email request from a contact at another company and something about it looks slightly odd, call your contact at a known phone number to make sure it’s really them.

 

Secure the Network and All Your Devices

Many homes contain several devices that can connect to the internet—such as the home’s router or set-top box, WiFi access point, computers, phones, and smart devices like thermostats or alarm systems. It’s important to secure every one of those devices, because each is a potential entry point for a cybercriminal. Leaving a device unsecured is like leaving your windows and doors unlocked.

  • Always change the default password on each device to a strong password. Many devices are sold with a default username (e.g. “admin”) and password (e.g. “1234”) that are easy for hackers to guess; in fact, some malware stores a list of common passwords and automatically tries them to see if one will work. Experts generally recommend replacing each default password with a long string of numbers, letters and symbols that doesn’t include anything a hacker might be able to guess, like your birthday or a pet’s name.
  • Don’t use the same password on multiple devices.
  • Pay special attention to your home router or set-top box, which is the gateway from the internet to all the connected devices in your home. Use a strong password for your home Wi-Fi network, and make sure your router’s attack-blocking firewall is activated. You can call your internet service provider for help setting up your router.
  • Stay current on software updates for all your devices; they are often designed to fix known security problems.
  • If your employer provides a virtual private network (VPN), be sure to use it for all internet activity including email and web surfing. A VPN creates a secure connection to your company’s systems by encrypting information that’s sent via the internet, making it harder to steal.

 

Don’t Forget to Protect Videoconferences

Online videoconferencing provides many of the advantages of face-to-face meetings without the need for travel. But videoconferences can also be misused: hackers may attempt to disrupt meetings or—perhaps even worse—silently watch in order to steal confidential information. To prevent problems, take a few precautions:

  • Make videoconferences private to prevent unauthorized access. If you’re the host, require attendees to enter a password for each meeting, and admit each attendee individually.
  • Don’t share meeting links on social media. They could be seen by people you don’t want in your meeting.
  • Manage screen sharing options so that only the host or chosen participants can share their screen.

 

The Takeaway

Working from home means an even greater reliance on technology, which also means it’s a good idea to be especially careful about cyber security protection. Basic steps, such as increasing awareness through training and securing all devices, can help you improve home cyber security and reduce the risks.

Mike Faden

Mike Faden has covered business and technology issues for more than 30 years as a writer, consultant, and analyst for media brands, market-research firms, startups and established corporations.

 

All Credit Intel content is written by freelance authors and commissioned and paid for by American Express. 

The material made available for you on this website, Credit Intel, is for informational purposes only and is not intended to provide legal, tax or financial advice. If you have questions, please consult your own professional legal, tax and financial advisors.