Home Office Security – Never Too Late to Evaluate
We are past the point of whether or not working remotely, or from home, is something we are unsure of. It is likely our permanent setup, or at the very least, a long term one that we need to move forward with and in confidence. It’s time to talk about home office security. These recommendations are for readers who find themselves in this situation.
While you might still use the dining room or coffee table as a desk, the physical setup is not as important as the setup of things not easily seen at first sight. Home office security needs to be top-notch and if you haven’t addressed it yet, now is the time.
There are obvious things that should be mentioned and not assumed, such as the physical security of your devices. This means your laptop, or desktop, and mobile phone. If you must leave these unattended for any time, make sure that that they are set to lock automatically. This is obviously more important if you have roommates or small children around, but not to be overlooked if you live alone. While theft isn’t something you plan on, it can occur. If you are working in a shared space of the house, move the devices at the end of the day to a location that is safe and out of sight.
The access that your device provides also should be reviewed. If you are using a personal device, this is even more important. Are your passwords shared across accounts? If yes, change them. If you do not have access to a single sign-on, consider using a password manager. Ensure that file sharing is turned off if you are on the home network and that encryption and multi-factor authentication are turned on when given as an option.
Encryption is something that should be set up for improved home office security. This, like all cybersecurity practices, does not need to be fully understood by the end-user to be implemented. Additional layers of security that apply to your home Wi-Fi should be set up, and never leave the default password for any device!
Speak with your users and allow them to ask questions; allow them to NOT understand without judgment. We are all learning new ways of working that are unfamiliar and it is overwhelming. If you are an employee that feels uncertain and afraid to ask, get over that quickly. It is much harder to undo this type of damage than it is to deal with it upfront and before a breach or identity theft occurs.
It is ok to not have all of the answers. It is ok to feel overwhelmed by all of the things that need to be done. It is not ok to just turn a blind eye and pretend like strong cybersecurity isn’t necessary right now. Take small bites daily and eventually, you will have tackled the biggest challenges you face. Start with a security risk assessment to uncover the gaps in your setup.