Telework Cybersecurity

With so many people continuing to work from home during the ongoing COVID-19 crisis, cybersecurity has become a major issue.  There are a variety of reasons why this is the case and actionable steps to keep your company data safe from attacks.  Telework is currently recommended by Governor Wolf and the Secretary of Health for all Pennsylvania workers that can continue to do so to help stop the spread of the virus.  Here are some practical tips for keeping yourself safe online.

As the shutdown commenced, internet providers scrambled to move their bandwidth from businesses to residential areas to accommodate all the new telecommuters and students working from home.  This put a burden on the system, bogging down speeds.  With mom & dad working and the kids doing homework or watching YouTube, many people were experiencing lag-times.  It is recommended if possible, you set up 2 channels – one for the kids and one strictly for work.  This is especially helpful if you are using larger programs like Zoom, Photoshop, or AutoCAD.  Also be sure to change your home internet password since it’s very likely that a lot of people who have visited your home have the password.  This helps protect your work from hackers.

Speaking of passwords, your work password should be unique and not used for any other accounts.  If any of your accounts are hacked and you are using the same passwords, someone could easily break into your work computer.  And stay away from the “fun” Facebook games that ask you to list things like your high school mascot, your first car, or which city you were born in – hackers can use this as a way to circumvent passwords through security questions, resetting your password and locking you out of your accounts.  For more information on digital password guidelines visit NIST.gov.

According to Forbes there has been an increase in phishing during the pandemic.  ‘“[M]ost popular sites like Zoom are well secured, the threat is growing, and precautions must be taken. “Organizations and businesses should prevent zero-day attacks with the appropriate cyber architecture that blocks deceptive phishing sites and provides alerts on password reuse in real-time.”’  You may be asking yourself, “self, what is a zero-day attack?  That sounds like what we want!”  But, no, according to Techopedia a “Zero day or a day zero attack is the term used to describe the threat of an unknown security vulnerability in a computer software or application for which either the patch has not been released or the application developers were unaware of or did not have sufficient time to address.”

Beware of spelling errors, spoof emails that look like they are legitimately from your personal accounts, and verify a sender through outside source (i.e. google, a separate email or call, or a phishing verifier site) and follow your company’s protocol for reporting and responding to phishing and spam.  Do not click on anything that seems suspicious or asks for sensitive data, it can affect not just your computer, but the entire organizational system.

If possible, use two step authentication or VPN to access your company’s extranet.  According to Microsoft this has been proven to stop 99% of cyberattacks.  This is especially true if you are working on sensitive data, proprietary information, or people’s private information – this includes emails, social security numbers, addresses, and more.  Never leave your computer unattended while on and be sure to shut it down properly at the end of the day so it is not vulnerable overnight.  Limit the amount of sensitive data you download and never onto a jump drive unless absolutely necessary.

For more information on cybersecurity guidelines and solutions visit the Cybersecurity & Infrastructure Security Agency website.  You can also watch this informational webinar from The Harrisburg Regional Chamber led by a local expert on cybersecurity.  If you or your company would like more information on developing a telework policy, telework cybersecurity policy, or need transportation resources for your employees, please visit us at Commuter Services of PA or drop us a quick email.  Don’t forget to track your telecommute trips in Commute PA and stay safe online!