Author: Donald McLaughlin, Lead Consultant of CP Cyber
There are 3 scenarios that we like to educated people on when it comes to working from home.
1. Avoid using personal computers for work unless your company approves it.
- Your personal computer is not managed by your company and likely doesn’t have proper security controls configured so using it for work circumvents security controls the company may have put in place on a work computer to protect company assets/data.
- If you log into work accounts and don’t explicity log off, then family members (kids) may gain access to sensitive work documents. We’ve seen companies think they have been “hacked” but it was really just their kid who accidently sent emails out or deleted company data.
- If your home computer has a virus or malware then anything you do on it is compromised. Avoiding this scenario isolates any potential issues away from your work accounts.
2. Don’t use your work computer as a personal computer which includes sharing your work computer with family/friends.
- We often see company computers misused or compromised because employees share their work computer with their family and/or friends. Ultimately, it’s the employee’s job to protect company data and family and friends may not be as aware of the best way to do that when using the work computer.
3. Make your WiFi password strong (16+ characters phrase) and if your home network has a guest setup then only give Guest network credentials.
- WiFi passwords are often very easy to obtain because of weak passwords. We can check millions of potential passwords per second until we find the right one that lets us in.
- A guest network is essential to protecting your home network as it isolates any troublesome devices on a separate part of the network. We are trying to avoid two scenarios here, 1) a compromised device joins your home network and spreads throughout your home devices. 2) A friend’s device is compromised and the WiFi password is extracted from that device which for technically savvy people this is a trivial task.