The Cybersecurity Threat You Haven’t Considered: Your Employee’s Kids

When your employees work from the office, their devices are all checking into your network, protected by a company grade firewall and their traffic is monitored from the time they log in until the time they shut down. Since most employees are now working from home, their devices are at the mercy of their home network’s security and activity. Translation- your company data and transactions could be at risk. 

When employees take their machines home or use their home machines for work, your company’s information is now in a physical and digital space that is entirely different. We often compare a company firewall to a deadbolt on the front door.  Most home networks do not have that deadbolt. Even turning on the firewall on a residential grade modem is often seen as a hassle, but these environments are often much more complex and vulnerable because of the variety of devices connected to the network. Think about your smart TVs, security systems, gaming consoles, home automation devices, personal phones, and tablets- If a hacker can get into one device, they could access the whole network. 

We hope these tips help educate and safeguard your employees and their kids, but it is only the first step towards a cybersecurity plan that encompasses home offices. The best way to ensure you’re implementing systems strong enough to safeguard your business is to talk with an IT professional. We can help you find the best solutions to secure your most valuable asset, your data. Book an introductory call to get started. 

Cybersecurity tips for everyone: 

Be careful where you click. 

Fake or malicious websites and apps (or legitimate ones that have been hacked by criminals) can jeopardize your device and its data. These sites can install malicious software onto your device if you visit them or perhaps click on the sites’ links. Malicious apps can also steal your information. They often look legitimate, offer something too good to be true, or contain some “forbidden” content such as sexually explicit material, gambling, or free movies or music. Rogue apps can look like and have similar names as legitimate ones they imitate. Then there’s “clickjacking” – bogus links on social media pages that have been hacked. They appear to link to something tantalizing but instead redirect you to a site that contains spam advertising, plants malware on your device, or posts terrible links on your profile. 

Don’t get caught by phishers. 

Phishing is when you get an email or a social media message that looks like it’s coming from a legitimate place such as a bank or a social networking site. If you click on a link in the message, you’re taken to a website that looks legitimate but could be run by criminals trying to trick you into signing in with your username and password so they can capture that information. Your best bet is not to click on the link but instead type the Web address (such as mybank.com) into your browser window and go the site that way. 

Be smart about passwords. 

Having strong passwords and changing them periodically is fundamental to your and everybody’s security. Don’t use the same password on all sites. If you need help remembering lots of passwords changed often, you can use password management software to remember and enter your passwords for you. 

Keep software & apps up to date. 

Regardless of whether you’re using a computer or a mobile device, it’s essential to keep your mobile and PC operating systems and your apps and software current. It’s not uncommon for companies to discover security flaws and vulnerabilities that they fix with updates. This is especially important for operating systems and web browsers that can be more vulnerable to attack if not up to date (check to see if they update automatically). And if you update an app or program, recheck the privacy settings to ensure they haven’t gone back to the default settings. 

Be careful before downloading. 

Be very careful when installing apps and if you’re asked to download a plug-in, document, or application, such as to watch a video. Sometimes these downloads contain malicious code. Most videos don’t require software that’s not already on your device. If you think you need a plug-in or an app, do a little research to make sure it’s legitimate. 

Consider using extra authentication. 

Some sites and services now offer dual- or multi-factor authentication to reduce the chance of unauthorized access. This typically requires an extra step, but it’s more secure. It usually means entering a code that’s sent to your mobile phone or clicking on a mobile phone app to verify that it’s you. You have to have the phone with you to get in, which reduces the chance of an intruder logging in as you. 

Use secure Wi-Fi. 

Be sure that your home network uses encryption and a password to prevent others from accessing it and be careful when using Wi-Fi at coffee shops, airports, and other public places. Only sign into known networks (like those operated by the establishment) and, because public networks are often less secure than private ones, avoid banking or shopping or doing anything highly confidential when using public Wi-Fi. 

We hope these tips help to both educate and safeguard your employees and their kids, but it is only the first step towards a cybersecurity plan that encompasses at home offices. The best way to ensure your implementing measures strong enough to safeguard your business is to talk with an IT professional. Book an introductory call to get started. 

Credit to https://www.connectsafely.org/security/ for the cybersecurity tips.