Remote work privacy & security concerns
Remote work has become a lifestyle change for a large portion of the workforce. Many jobs that were once restricted to the office have now shifted to partial or full remote work schedules. Working remotely has its challenges; inconsistent Wi-Fi speeds, hardware complications, and most importantly, security issues.
With the great convenience of working remotely, there are some security practices that tend to be ignored. The false sense of security can cause a user to slip into some bad security habits.
Your working environment should be free of any physical risks. Your work area should be set up in a way that people passing through cannot shoulder surf your device’s screens. You should also be able to see the entrance to the establishment you are in (if not in a trusted environment).
Shoulder surfing is a common tactic for attackers to take a peek at your screen. An attacker could use that information for social engineering and spear phishing attacks. You can mitigate this threat by making sure your physical configuration is placed in a way that keeps your back against a corner or wall. This way you can see who comes in and out of the establishment.
Device accountability is important because you need to know where all of your devices are at all times. This is especially true when you are working from a public place. Make sure:
- You don’t leave mobile devices unattended in public areas
- Do lock devices if you walk away briefly
- Don’t lend devices out to people (example, someone asks you to make a call because they lost their phone)
In order to maintain good network security one must be aware of the surrounding network landscape. If for example, you go to a local coffee shop to work on some projects for work and there’s free Wi-Fi; but is it safe to use? The short answer is, no.
Free Wi-Fi is generally NOT safe and you should opt to use a VPN to do any network activities on devices connected to that Wi-Fi network. The reason for this lack of security is that most free Wi-Fi networks are not encrypted and are easy targets for attackers.
To learn what a VPN is and how to choose one go here
These insecure Wi-Fi networks make it easy for attackers to place themselves in between you and the internet. A malicious user can create a fake access point which mimics the Wi-Fi router you would normally connect to. If you are in doubt, do your due diligence and research that access point before connecting to it.
If you are aware of your working environment, network security configuration, and know where your devices are at, you can help to avoid these cyber risks. Mobile devices are frequently stolen. If they are left unattended briefly and stolen or pickpocketed, a mobile device is a high ticket item for criminals. You must have control over your devices at all times and it can prevent mobile device theft.
Some things you can do to help protect your devices’ data are:
- Ensure the data is encrypted (some devices encrypt the data when the screen is unlocked)
- Keep your devices’ screen locked with a strong pin
- Enable the phone to delete your data after a number of failed tries (usually 10 or 15 tries)
- Set up a “Find my Device” feature. These work by enabling the location service of your device and finding the location of the lost device through an account online. Samsung, Apple, and other device brands have this feature
There are many ways a mobile device could become compromised. An attacker could touch your device with his/her device and transmit malware through RFID, NFC, or Bluetooth methods. In addition, physical theft is also a very real possibility in a public place.
In summary, working remotely definitely has is perks but it’s important to remember that your data and devices are still vulnerable. There are a great many attacks, exploits, and bad actors on the internet. The threat isn’t going away but we can all do our part for security. Here are some things to remember.
- Use a VPN when accessing banking, email, company web applications, and other other sensitive accounts
- Know your environment, the surrounding area, and the pay attention to the people around you
- Enable security features with your mobile device, laptop, or other electronics
- Lock the screens, enable encryption, and a don’t walk away from your devices if it all possible