Sheltering in place requires cybersecurity for your phone, laptop, tablet, WiFi and all other Internet connected devices (IoT devices). Gaps in your home information set-up can expose you to a cyberattack and infect all your devices.
Your system contains client financial records, credit card information, client health records, access to your firm’s bank account, propriety client information and the ability to send and receive wire transfers.
If you’re new to setting up cybersecurity for home devices and don’t understand the alphabet soup and jargon, companies like ours can do an assessment and recommend fixes to close any gaps. The more layers of protection you wrap your home office in, the safer you and your data will be.
WiFi: If you are using AT&T or Spectrum for some of those devices, check your encryption settings and make sure you are on WPA2. Then change the password so it’s unique and not used anywhere else.
iPhone, Android: If you use six or more numbers as your PIN, it enables the encryption. Check with your manufacturer for other security controls, or contact us for help.
Laptops/Tablets: When you create work-related material at home on your laptop and the information is sensitive in nature, you may want to encrypt the data at rest.
Any devices that store sensitive data should be encrypted at rest, and only strong encryption methods such as AES and RSA should be used. More than 90% of stored data is at rest, so encryption at rest is crucial.
If you are going to communicate with an external party, you might want to use secured dashboard technology like Citrix, Sharefile, or Axcient. Again, you should consider this for all devices that store data. These technologies are capable of securing data both in-transit and at rest. Customizable security controls give you the power to recover lost data and prevent leaks in the first place.
No. 1: Use a VPN (Virtual Private Network)
VPNs mask your location and your Internet Service Provider (ISP), giving you an extra layer of protection in the form of online anonymity. This is one of the quickest and easiest ways to protect your browsing history and IP address. You should use a VPN on any devices that browse the Internet and store or transmit sensitive data.
No. 2: Multi-Factor Authorization (MFA)
Utilizing MFA wherever possible will help stop hackers from gaining control of your accounts, even if they have access to your username and password. Maybe they were able to hack into your email, but do they have your actual cell phone? It might seem like a pain sometimes, but it’s worth the extra added security. Use MFA for all accounts that store or transmit sensitive data.
No. 3: Managed Security Package
Protect your devices from ransomware, virus, spam, malware, and phishing by purchasing protective software from a reputable company such as Bitdefender or Quad9, which is free and will protect you in real time if you go to a malicious site. You need protection on all Internet connected devices. The free services are a good first layer, but consider adding more layers of increased security such as keystroke encryption, hard disk firewall, and managed services. With managed services, your logs are constantly monitored for attack and vulnerability.
No. 4: Encrypt and Backup Your Data
If the security of your home office is compromised, having your data encrypted and backed up is invaluable. Use secure folders and make a copy of your sensitive and vital work files both offline and online.
For online storage, use a cloud service like Axcient or Microsoft Office 365 with Onedrive on their E3 plan. For offline storage, consider a flash drive or external hard drive so that you have a way to recover your files in case of an unfortunate event.
No. 5: Use Strong Passwords
Use long string keywords for everything. Use a combination of upper and lowercase letters, numbers, and symbols. Never use the same password twice. Never write your passwords down. Use a password manager software such as Lastpass that will generate AND remember your passwords for you.
Pair your password manager with a hardware token like a Yubikey to add an extra layer of security to your passwords. This is easy to set up and well worth the effort.
No. 6: Encrypt Everything
Encrypt everything you can, and use STRONG encryption software when possible, including:
- Wireless Network Encryption: Layer your wireless encryption with a hardware firewall with IDS and IPS enabled.
- DNS Encryption: Encrypts your DNS by changing your router to 220.127.116.11
- Keystroke Encryption: This will stop zero-day keystroke/keylogger malware, especially when layered with biometrics and MFA.
All of the recommended solutions are available from a wide variety of vendors, at different price points. You can also get all-inclusive package prices from cybersecurity firms. Take the time to get the appropriate layers of protection in place. Proper preparation prevents poor performance.