Cybersecurity and Working from Home
by John Bandler
I originally wrote this article in March 2020, when COVID started to hit and (almost) everyone started working from home, and students started learning from home. The start of a global pandemic I never thought I would see in my life.
This created cybersecurity issues that needed to be considered even as organizations grappled with how to simply do business.
Since the start of cloud technology and the smartphone, remote work has been steadily increasing. The pandemic was a bit shift, for sure, but ever-present internet and mobile devices means no matter where we are, we may be doing work.
The premise of my first book holds true
This situation reinforces the premise of my first book, Cybersecurity for the Home and Office. Cybersecurity (and privacy) should begin in our homes, as we educate ourselves and our family about the threats, and we secure ourselves, and then bring that knowledge and experience to the workplace. Our home and work lives and information systems are so intertwined that good cybersecurity for an organization is supported when each employee and manager has good awareness and good cybersecurity “hygiene” both at work and home.
Organizations should have in place a strong cybersecurity program with policies. Many organizations have room for significant improvement on that front. Remote work is an area organizations now need to anticipate. Working from home — especially as a sudden requirement — may mean using personal computers, networks, and possibly email accounts. These systems are not under the control of the organization and may present cybersecurity and legal risks. Fortunately, employees who are knowledgeable and have secured their home systems can minimize risks to the organization (as well as their family).
Here are some quick cybersecurity tips for you (or your employees) who are in the sudden position of working from home, using personal computers, networks, and other systems.
Follow my “four pillars of cybersecurity” as below.
- Knowledge and awareness: Human decision making and common sense are essential to remaining secure and preventing cybercrime (including with transfer of funds).
- Device security: Keep physical control of computers (don’t lose your phone or laptop), keep them malware free and updated, check your privacy and security settings.
- Data security: Secure your cloud accounts, email accounts and important online accounts with two factor (multi-factor) authentication. Back up and securely store your important data. Securely delete data you don’t need.
- Network and internet security: Keep your home Wi-Fi network secure. Use a strong password to access your home network, keep your router updated, make sure your router administrator portal does not allow access with default usernames or passwords.
Repeat and improve things little-by-little, don’t make huge changes at once.
Think of my “cybersecurity dial” concept. Where is your dial set, and where should it be?
See my article on Bandler's Four Pillars of Cybersecurity for more details.
Resumption of normal operations - or the new normal
We are years past the initial disruption of the pandemic and in our new normal. Hopefully you have addressed any stopgap or temporary measures taken during the pandemic.
We need to continually assess our information assets. Learn more about them, seek to improve them and our cybersecurity programs, even if by a little.
Health and science
It is worth remembering our medical professionals. Remember before there was any vaccine for COVID that there were many who were ill and dying, hospitals packed, and medical personnel sacrificed a lot to serve.
And scientists who helped too, including with the vaccine.
Making good decisions means learning facts, applying science, logic, good reasoning and common sense. That is so with health, cybersecurity, and most of life.
Good decisions do not come from speculation or fear.
Remote work was always increasing, the pandemic was disruptive for organizations and employees, and sent most everyone remote. Today we are frequently working from home or remotely.
We always need to continually improve our cybersecurity.
Now more than ever, cybersecurity and privacy starts in the home, where we can learn and practice, and then bring that knowledge to the workplace.
This short article simplifies may things and of course is not customized for you nor is it legal or consulting advice. My articles and books have more information.
- Introduction to Cybersecurity
- Bandler's Four Pillars of Cybersecurity
- Five Components for Policy Work
- Cybersecurity Tips from John Bandler
- My services page
This page is hosted at https://johnbandler.com/cybersecurity-and-working-from-home. Copyright John Bandler all rights reserved.
A copy of this article is also available on Medium at https://johnbandler.medium.com/cybersecurity-and-working-from-home-a02d221470d4 (though not as current).
Posted 3/6/2020. Updated 1/18/2023.