Ransomware Alert: Work from Home Risks
Working from home comes with risks.
In the office, you can be confident that your IT provider has worked to secure your environment and prevent bad actors from getting into your systems. At home, though, you don't have that guarantee. While many of you work using a Remote Desktop Servers (or RDS), you may still check your email on your home PC or open a browser-based application without connecting to the RDS.
This means that there are some additional dangers, on top of the usual phishing or malware attacks. Your home network doesn't have the same protection that your office does, because your office has a team of experts managing the hardware and software that keeps business data safe. But there are a few things you can do to protect yourself and make sure your business information isn't compromised or captured by criminals.
Here are three things you can do when you work from home to help secure your information.
- Use your RDS or remote connection whenever possible.
- Make sure your home PC has one good Antivirus. They will interfere with one another, so make sure not to have multiple. EGiS recommends and uses Webroot, but you can always check with us to see what your best options are.
- Secure your Wifi. Many home wireless networks don't have passwords on them. This is a problem, and not just for when you work at home. Intelligent attackers can use the o
pen access you give them with an unlocked Wifi to steal information from other devices on your network. This is even more of a problem when you are accessing confidential or secure work information.
Here are a few things we recommend you do, regardless of where you are working from.
- Use strong, unique passwords. We know, everyone always says this, but it doesn't mean using a long string of gibberish. A very strong password can be a combination of words that mean something to you, so they're easy to remember, but are hard to guess. Add some complexity by replacing or adding in a number and a symbol. Something like "JediSaber#8" would be a pretty good example, if you were a big fan of Star Wars and your lucky number was 8.
- Enable MFA - Multifactor Authentication - wherever possible. If you have MFA set up on your accounts, not only will people that know your password fail to successfully log in, but you can even be alerted by notifications if someone tries to get into your account without you knowing!
- Double check your emails. Make sure they are coming from safe senders. Anyone can create an email account and say their name is Mickey Mouse, but it's probably not actually Mickey sending that email. If they want you to send important information, buy something for them, or change bank information, call them on the phone and check to see if it's really them sending that. You should also check the "From" address, and if it asks you to follow a link to log in, don't do it. They want to convince you to put in your password so they can steal it.
These are just a few simple things that can help make you personally more secure and keep your business data safer. If you have any concerns, let us know. EGiS is available to talk about your concerns at 402-502-7380.