We’re all familiar with the challenges of working remotely – whether that’s distractions from everyone’s new coworker, their dog, or just trying to communicate effectively when your microphone isn’t working – but everyone connecting from home also leaves companies more vulnerable online as everyone is completely reliant on the internet.
In our last post, we mentioned that many users are not highly trained in cybersecurity, leaving companies at risk. So here are some of the top things all users should know to work safely online:
Here’s an oldie but a goodie: use strong passwords.
Most people know the standard password advice – don’t use the same password for different accounts, change your password often, and make it hard to guess. Here’s another tip for creating strong passwords: make your password a sentence or phrase that tells a story, something hard for others to guess, but easy for you to remember. A password like GotSecurity!Sloth2day is better than substituting easy to guess symbols in words (like C@T), or using information that’s readily available, such as birthdays. And a password you can’t remember isn’t going to do you any good, so it’s best to make your password unique to you!
Use a password manager.
Some of us have probably been guilty of using the same password for multiple accounts, as it can be hard to remember ten different passwords. That’s why a password manager such as LastPass can be a helpful tool. You set a master password, and the password manager does the rest, creating encrypted passwords for your other accounts. This makes sure all your passwords are different, yet you only have to remember one! A password manager also makes it easy for people to share passwords, which is especially useful with everyone connecting to their offices remotely.
Multi-Factor Authentication is your new best friend.
Multi-Factor Authentication (MFA) is when you have to provide two or more forms of verification when logging in to an account. The first is your password, and the second is often a random code or a push notification sent to your phone. While it may add an extra step to signing in to check your email, MFA is actually incredibly important, because if someone ever does guess your password, they still are unable to log in without also having your access to your phone.
Be suspicious of strange emails.
Phishing attempts are on the rise, and they often look pretty convincing. For an email that seems suspicious, make sure to check the domain on the email address. If it’s coming from Gmail, Yahoo, or another free email service, ask yourself: has my boss ever emailed me from their personal account before? Anyone can sign up for these services, so be wary when someone’s email address doesn’t match the company they claim to be from. Also keep an eye out for emails pretending to be support from big companies such as Amazon – does the email address match other emails you’ve gotten from Amazon? Under closer inspection it might not, tipping you off that it’s a scam. And always think twice before clicking on any links or downloads that you weren’t expecting – especially if they are asking you to put in a password or any personal information.
Ask yourself – is the website I’m visiting secure?
Check if the website you’re browsing has a lock icon next to the URL or shows https:// before the website address (the “s” stands for secure). If it does, then you’re in good shape. Always make sure the website is secure before putting in any payment information or passwords.
Regular updates are key.
After a certain number of updates, old versions of software become vulnerable to attacks, as companies stop providing support for outdated software. Even though it might be easier to put it off, it actually protects you to make sure you stay up to date on all your software. So next time your computer prompts you for updates, make time to let them install instead of continually snoozing the notification.
Working remotely makes everyone more susceptible to cyber-attacks, and it’s more important than ever for users to have some basic understanding of good security habits. Those who work in finance and HR are more often the target of data breaches, since they have access to the information that the bad guys want. But everyone in your organization should be aware of best practices to make sure your information is kept safe.
As always, if you have any questions about this information, we’re here to answer ‘em. Shoot us an email or give us a call at (503) 972-7272.