Staying safe online whilst working from home

NordVPN lays out cybersecurity risks and tips for remote work.

Around 70% of global employees work remotely at least once a week--and whilst working from home provides a lot of advantages, there are still a few resources available to help manage the cybersecurity risks that remote work pose.

According to Daniel Markuson, Digital Privacy Expert at NordVPN, there are four biggest cybersecurity threats remote workers are facing right now such as email threats, cloud security, ransomware attacks, and insider threats.

"Businesses is much more vulnerable to attacks than a single person. By attacking businesses, hackers can steal employees' and customers' data and later use it to ask for ransom," Markuson said.

In 2021, ransomware had blown up to thousands of attacks per day, resulting in over $20b in financial losses. Such loss shows that businesses should invest more money into cybersecurity to protect their money and reputation.

The current COVID-19 situation has also made it easier for hackers to target businesses, Markuson said. In March 2020, when the first lockdowns were implemented, hackers started taking advantage of the social confusion and lowered cybersecurity protocols.

By the end of March 2020, the number of virus-related scams had increased by 400% compared with previous masks. Hackers were selling fake face masks, COVID-19 tests, sanitisers, and even vaccines and often impersonated reputable government agencies like the World Health Organization, using phishing tactics and social engineering.

During the first quarter of 2020, there’s already a 350% increase in phishing websites was reported. Meanwhile, 2021 was a record-breaking year for leaks, hacks, and dark web data dumps.

Early 2021, 533 million Facebook users were impacted by a massive data leak. The leak included full names, photos, numbers, emails, location information, and more. According to Facebook, the hackers behind the breach took advantage of a security flaw that was fixed back in 2019. Meanwhile, about 38 million records were exposed online in 2021 due to a flaw in Microsoft Power Apps service. The leaked information included details from COVID-19 contact tracing apps and vaccination data.

What needs to be done

In the past, workplaces that weren't geared up to function remotely, simply didn't. But when COVID-19 traversed the world, multiple companies across the globe had to adapt. Millions of office workers set up offices and companies created new management methods to accommodate the workforce confined to their homes.

Remote work is here to stay, so it's important to make sure your home network is safe and that you follow cybersecurity best practices. Below are seven helpful tips from VPN service NordVPN in keeping your devices and data safe from hackers and scammers.

1. Secure your home network

One of the most basic and important remote work security tips is to password-protect your router if you haven't done that already.

Next, try these additional steps:

• Turn off SSID broadcasts. Doing so will make it harder for others to find your home Wi-Fi network.
• Filter MAC addresses. If your router supports MAC address filtering, it will become much harder for any unauthorised device to even attempt to connect to your router.
• Set up a guest network. Setting up a guest network will allow you to create a second network on your router for visitors' devices.
• Install a VPN on your router. A VPN router allows users to browse online completely undisturbed. All online activities will be hidden from anyone trying to spy on you.

2. Use a separate device or account for work

NordVPN recommends keeping personal and professional devices and accounts separate. This way, if one account or device is breached, the other will remain safe.

3. Use company-wide cybersecurity tools

Nord Security offers various services to protect organisations and employees.

• NordVPN - Fastest VPN on the market, built to protect online traffic and privacy with next-generation encryption.
• NordLocker - An end-to-end encryption tool for safely storing and sharing files. It comes with secure cloud storage.
• NordLayer - Provides a network access security solution that scales with your business.
• NordPass Business - A password manager built using zero-knowledge encryption.

4. Encrypt sensitive files in transit and in storage

Anything can happen when all employees work from home, so it's best to encrypt sensitive files with NordLocker. By linking your account with your colleagues', you will be able to ensure end-to-end encryption for your most sensitive files.

5. Stay informed on cybersecurity and social engineering

As many employees continue to work remotely, hackers and scammers may try to exploit the situation in any way they can, so it's important to read up on different forms of social engineering and phishing to know what to look out for.

6. Avoid public Wi-Fi

According to NordVPN, public Wi-Fi is always a hazard and far less secure than private Wi-Fi and far more likely to have malicious actors connected to it.

7. Use secure collaboration tools

Check whether the tools or apps you are using have strong online features and do not leak your data to third parties. 

Digital literacy 

For Markuson, it's important for organisations and companies to give their employees the training they need and all the most essential cybersecurity tools.

"Every organisation needs to recognise problems it can face in case of cyber-attacks, ways to avoid them and steps to follow once it happens," Markuson said. "Organisations should have a security policy and make sure the employees -- especially the new hires -- read through it and follow the necessary security procedures.”

Markuson also recommended training employees and teaching them the basics of cybersecurity.

"It's best to keep teams informed about cyber threats and digital hygiene. Companies should also regularly monitor the use of computer equipment and systems to check employees' digital literacy. Business safety comes down to the employees and whether they follow the established security procedures," he concludes.