Work-From-Home Cybersecurity Tips And Best Practices
Updated: Aug 11
Bluestreak Consulting™ Reading Time: 5 minutes
Working Remotely has Plenty of Cybersecurity Risks
Why Are So Many People Working From Home?
Over the past three years, the COVID pandemic has forced many companies to adapt to remote working and work-from-home (WFH) policies. Even though these policies have provided employees with more flexibility and convenience, they have also highlighted several cyber risks that companies must consider. As of March 2022, work-from-home and working remotely have increased by a whopping 238% compared to pre-pandemic numbers. Although that number has reduced somewhat recently, it has changed the way companies operate and view WFH.
Benefits Of Working From Home
One of the first challenges most companies face when shifting to a WFH model is ensuring every employee has high-speed internet access from their remote work environment. Most employees will use their home Wi-Fi network or their cell phone/wireless carrier as an internet ‘hot spot’. The first common sense rule of thumb is, always try to avoid public Wi-Fi and public charging stations. Any way you choose to access high-speed internet, it must be secure. By now, most companies should have WFH or remote work policies and procedures in place, with employee awareness and training, because they MUST be followed to reduce cybersecurity risks.
Here are some of the benefits of WFH that have been stated:
Increased employee retention and productivity
Reduced distractions and interruptions by coworkers
Reduced company overhead costs
Increased family time by eliminating commute times
Cybersecurity Best-Practices For Securing Remote Workers
If your company has employees that periodically work from home and you’re wondering what cybersecurity measures you should put in place, here are some best practices to help you:
Secure your work sessions: using a single room that has a door that can lock is the ideal situation but not everyone has that available to them. Many WFH employees are either sitting at their kitchen table or in the living room. In those cases, make sure to have your monitor facing a wall to prevent family or guests from viewing your work session. Always lock your computer when you’re away from it.
Separate your home and business networks: separate your Wi-Fi network so company-approved devices will be separate from family use, guests, and all other personal devices. Even better, use a secure network and a company-issued Virtual Private Network (VPN) to access your business accounts. You can also use BeyondTrust for secure remote access. Home routers should always be updated to the current software version when it becomes available.
Separate work and personal devices: when accessing your corporate network, only use company-approved devices. Unless your company allows Bring-Your-Own-Device (BYOD), never use an unapproved device to access your company network.
Think before you click: hackers will use phishing and other social engineering methods to target employees with legitimate-looking emails and social media messages. These can trick users into providing confidential data, such as user names, passwords, credit card numbers, social security numbers, account numbers, etc. SLOW DOWN. Don’t click on links sent from an unknown or untrusted source. Resist the urge to click links in a suspicious email. Many times, you can hold your cursor over a link and it will show you (in the bottom left corner of your screen) the website that it will go to if you click on it. If it's an unknown or suspicious site, definitely DO NOT click on it.
Antivirus with real-time scanning: antivirus software detects the presence of malware on your computer. A dynamic scanning feature repeatedly checks for computer infiltration by a malicious threat. Always keep your antivirus up to date and active.
Update programs, applications, and operating systems: vulnerabilities in applications and operating systems are continually being found and exploited. Cybercriminals often use these vulnerabilities to exploit data and infiltrate devices and networks. Application vulnerabilities are a cybersecurity challenge of remote working. Make sure you are regularly performing updates as they are released.
Use 2-Factor Authentication (2FA) or Multi-Factor Authentication (MFA): if you’re not using 2FA or MFA, you are NOT secure. You should use 2FA or MFA wherever it’s available. Your company should have this requirement in its policies and procedures.
Use strong PINs/passwords on your devices: strong passwords should contain a good mixture of upper/lower case letters, numbers, and symbols (or special characters). Passwords should also not be based on dictionary words and should contain at least twelve characters (the longer the better). Never use the same password for multiple accounts and use a password generator and a password manager.
Remote working has many benefits for both the employee and the employer, but it also has its share of cyber risks. Companies must take a proactive approach to ensure the security of their remote workers, including cybersecurity training, strong security policies and protocols, and access to secure networks.
About the Author
Joe Coleman is the cybersecurity officer at Bluestreak Consulting™, a division of Bluestreak | Bright AM™, and a regular editorial contributor for several trade publications providing technology, tips, and news for manufacturers. Joe has over 35 years of diverse manufacturing and engineering experience. His background includes extensive training in cybersecurity, a career as a machinist, a machining manager, and an early additive manufacturing (AM) pioneer. Contact Joe directly at joe.coleman@go-throughput.com.
About Bluestreak™ Bluestreak™ is a powerful Manufacturing Execution System (MES) and a fully integrated Quality Management System (QMS), designed for the manufacturing environment and service-based manufacturing companies ( metal-treating/powder-coating, plating, heat-treating, forging, and metal-finishing), businesses that receive customers’ parts, perform a process (service) on them, and send those parts back to the customer). Companies need MES software tailored to specific functionality and workflow needs such as industry-specific specifications management, intuitive scheduling control for both staff and machinery maintenance, and the ability to manage work orders and track real-time data. If different work centers on the production floor aren’t “speaking” to each other via the MES, the data loses value and becomes disjointed or lost in disparate silos.
Bluestreak | Bright AM™ is an MES + QMS software solution specifically designed to manage and optimize the unique requirements of Additive Manufacturing’s production of parts and powder inventory usage.