In any type of crisis - war, natural disaster, pandemic - some unscrupulous individuals will seek to turn the chaos of a bad situation to their own advantage, like Victor Hugo’s scoundrel innkeeper Thénardier in Les Miserables. Now that millions of people worldwide are unexpectedly working from home, opportunities abound for cyber criminals.
To minimize risk while working at home, take time to think through the security implications of your actions. As your finger hovers over that Send button, or when you are about to start up an unsecured cloud service (don’t do it), take some time to think like an attacker and understand what could go wrong.
People make more mistakes when they are under stress, distracted, and in a hurry. Many new work-from-home employees will be all three of these things, as they try to balance family and work responsibilities in a new and unfamiliar daily routine.
Cybercriminals will be on the prowl for files stored in places (such as remote desktop environments) with weak or missing authentication and other errors where hassled employees have made poor decisions in the interests of expediency.
The author, Jonathan, working form his home. Image credit: Synopsys.
For accounts protected with passwords, make sure to choose passwords with enough complexity that they are hard to guess. Consider enabling two-factor authentication whenever possible. It is slightly less convenient, but much more secure.
As stay-at-home employees flood the Internet with videoconferences, and stay-at-home everyone else flood the Internet with streaming videos, expect to see slowdowns and service interruptions. Don’t get caught up in the moment and turn to personal accounts or services that haven’t been evaluated by your organization. Everyone knows a pandemic is happening; some things will just take a little longer.
Take a minute. Slow down. Think about what you’re doing and what could go wrong. We’re all in this together, so take a breath and stay safe and secure yourself and your employer.
