The Human Firewall: Physical & Cybersecurity While Working From Home

With telework becoming more popular, it's important that we think about security in our homes, both physical and cybersecurity.  Laptops and mobile devices also face risks outside the home, particularly when using public Wi-Fi or working in unsecured locations. There are simple yet effective actions we can take immediately to protect sensitive data and prevent security breaches while working remotely.  

Separate Work and Personal Devices

When teleworking, it is a good idea to maintain clear boundaries between work and personal devices.  Separating your professional and personal technology allows you to be more focused, secure, and productive.  Consider using your organization-issued laptop solely for work tasks while relying on your personal smartphone or tablet for non-work activities. 


Using your personal computer or phone for work opens the door to data breaches, security risks, and distractions. A dedicated work laptop and phone allows you to maintain boundaries between your professional and personal lives. 

Secure Your Home Office

Treat your home workspace with the same care and caution you would an office cubicle - the data is just as sensitive no matter where you are.  Leaving confidential information visible on your screen or physical documents laying around could put you at risk if visitors come by, even if it's just friends or family.  


Just as you wouldn't leave your work computer unattended in the office break room, be cautious with mobile devices in public.  Treat your home workspace with the same level of security and discretion you would an office.  The data is equally sensitive regardless of location.

Secure Your Home Router

With cybercrime on the rise, ensuring your home network is not an easy target by taking this simple step is more important than ever.  When consumers purchase a new wireless router for their home network, they are often eager to get it set up and connected as quickly as possible.  In this rush, many users neglect to change the default admin password that the router ships with from the factory.  If your Internet Service Provider (ISP) has configured your wireless router for you as part of your home service, ensure your provider has not used the default password for the device.  Oftentimes, you can request a specific password or you can set your own password through the administrative interface.


This leaves their wireless network protected only by a common, easily guessable password that can be found with a quick online search.  Cybercriminals are well aware of this oversight and routinely scan for home networks still using default credentials.  


Once they gain access, they can monitor and record network traffic, change router settings, or even use the network for criminal purposes without the owner's knowledge.  Unfortunately, this makes exploiting default passwords on home routers tantamount to leaving the front door wide open for burglars.  


It is crucial that all consumers take a few minutes after installing a new router to log in to the admin panel and change the default password.   A strong, unique password of letters, numbers and symbols can prevent unauthorized access and protect all connected devices from compromise.

Lock Your Laptop Screen

Locking your screen when you step away and keeping sensitive paperwork filed away out of sight are good habits no matter if you're working from a cubicle or a home office.  You never know who might glance at something they shouldn't or who they might mention it to later.  


By enabling auto-lock features, devices will securely lock themselves after a set period of inactivity, protecting our privacy even when we get distracted or forgetful.  This prevents sensitive material on the screen from being visible to passersby and requires authentication to regain access.   

Mobile Device Management

It's easy for mobile devices to be lost, stolen, or hacked over unsecured public Wi-Fi.  Ensuring all device updates are current, using strong passwords and PINs, enabling device encryption, and using antivirus are some basic things you can do to protect your mobile devices.

The most common mistake people make is using passwords that are too simplistic and predictable.  For example, many choose numeric sequences like "123456" or repeating strings like "000000" because they are easy to remember.  However, these patterns are also extremely easy for hackers to figure out.  Similarly, using common words like "password" or your name, birthday, phone number, or other personal information is dangerous because that information can often be found online. 

A strong password should be at least 12 characters long and include a random mix of uppercase and lowercase letters, numbers, and symbols. Avoid using proper words, names, dates, or other dictionary terms. Instead, try coming up with an obscure passphrase and substituting letters with numbers and symbols in a way that only you understand. 


When encryption is enabled on a mobile device, thieves and other unauthorized users are unable to view your private information.  They would need your password or biometric login (such as fingerprint or face recognition) to decrypt the data.  This could provide invaluable protection if a device was misplaced or left behind in a public place.  


Encryption also safeguards your sensitive information in the event that your device is stolen.  A criminal may gain physical possession of the device, but the encryption would prevent them from accessing any of your personal or financial details, contacts, photos, or other data stored on it.


Antivirus software is essential for protecting your devices against a wide range of malicious threats that can compromise your privacy, security, and functionality.  Installing a reputable antivirus program and keeping it updated is one of the most fundamental steps you can take to safeguard your system.
Antivirus software can quarantine or delete infected files to prevent further damage. Some antivirus programs also provide real-time protection by scanning files as you access them and blocking malicious websites you may visit.

This constant vigilance helps prevent infections from occurring in the first place. With cyberattacks growing increasingly sophisticated, utilizing a modern antivirus solution provides an indispensable layer of defense for your system. The minimal investment is well worth it for the peace of mind and security it offers against debilitating malware infections.

Virtual Private Networks (VPN) and Mobile Hotspots

A virtual private network (VPN) is a secure, encrypted tunnel through which information is sent over the internet.  A VPN allows you to establish a private network from a public internet connection.  


This is done by encrypting your data and disguising your internet protocol (IP) address so that your online actions are virtually untraceable.  The encryption makes it difficult for anyone else to intercept, view, or modify your information as it travels from your device to the VPN server and then onto the public internet. 


The encrypted tunnel hides your browsing activity, location, and IP address from anyone performing network surveillance or traffic analysis.  Overall, VPNs provide a critical layer of security for activities like online banking, shopping, and accessing private networks or restricted resources.

A mobile hotspot is a portable device that allows you to create a secure personal WiFi network for internet access away from a traditional, secure network. The mobile hotspot connects to cellular data networks and acts as a mini router,  broadcasting its WiFi network that nearby devices can pick up.


Mobile hotspots provide a secure, convenient way to get online and stay productive while on the go.  They are useful for activities like working remotely at a cafe, accessing the internet during long commutes, and maintaining connectivity while traveling abroad, where data roaming can be expensive. 

Conclusion

By following simple cybersecurity best practices, you can help ensure a more secure work environment at home and on the road.  With cyber attacks and online fraud on the rise, it's crucial for everyone to understand and implement basic measures that create a more secure work environment regardless of where their office might be on a given day.   


A little cyber awareness and caution goes a long way in protecting organizations, its employees, and its customers when much of the new workplace exists in the digital realm.  



Additional Resources

Here are some additional resources to expand your knowledge of physical and cybersecurity while working away from the office.