As the world continues adjusting to life in the age of COVID-19, many organizations that are able to perform work remotely have enabled their workforces to do so. With this dramatic increase in “remote” workers, it’s important for organizations and their employees to maintain a proactive security posture. Connecting to organizational networks from personal devices such as laptops, tablets and smart phones can introduce a variety of risks. Cyber criminals are well-aware of the mass migration to remote work and are ramping up their targeted phishing and cyber attack efforts. In all likelihood, an employee’s personal device or home network is less protected than company networks or corporate devices, leaving workers who are utilizing personal devices as targets to infiltrate organizations.
Below is a list of helpful tips provided by the Federal Trade Commission for employees and organizations to better secure their remote accessibility:
- Always change any pre-set router passwords and the default name of your router and keep the router’s software updated.
- Consider enabling full-disk encryption for laptops and other mobile devices that connect remotely to your network, which will protect any data stored on the device if it’s lost or stolen.
- Change smartphone settings to stop automatic connections to public Wi-Fi.
- Keep updated antivirus software on devices that connect to your network, including mobile devices.
- Use a router with WPA2 or WPA3 encryption when connecting from home, which protects information sent over a network by making it unreadable to outsiders.
- Include information on secure remote access in regular trainings and new staff orientations.
- Use policies covering basic cybersecurity, give copies to your employees, and explain the importance of following them.
- Before letting any device — whether at an employee’s home or on a vendor’s network — connect to your network, make sure it meets your security requirements.
- Tell your staff about the risks of public Wi-Fi.
Following these best practices can help reduce the risk of remote accessibility and protect your organization, or your personal device, from an array of cyber threats. For more information, visit www.ftc.gov.