By Jessica Zimmer
As the world continues a large-scale trial of mass telecommuting, employers are using numerous tactics to avoid phishing scams, harden security and verify identification.
Here are five tips for protecting privacy while working from home, according to Seth Schoen, senior staff technologist for the Electronic Frontier Foundation in San Francisco:
1. Avoid responding to emailed requests for information from unknown parties or opening their attachments, even if they claim to have some connection with an authoritative source. Go directly to health agencies’ websites, for instance, to receive official updates.
Scammers seem to love exploiting current news and anxieties to create a sense of plausibility and urgency and influence people’s behavior.
2. Separate personal and work devices. Use work devices to access sensitive work information. If employers have issued, or have the resources to provide, work machines to their employees, it can be useful in terms of avoiding “aggregating targets.”
3. Companies that don’t have virtual private networks (VPNs) in place can create them. Encourage employees to use the VPN to access sensitive information.
4. People using video chats should check if the chats are encrypted. Where possible, they should favor end-to-end encryption. This prevents anyone but the authorized participants in a conversation from accessing or recording the content.
In addition, workers should consider whether the online collaboration tools they use are sharing information more widely than usual, even within a company. For example, putting information that would normally be part of a one-on-one conversation into a group chat will expose it within the company. Take time to understand the permissions models and settings of the collaboration tools that an organization is using.
5. Make sure software is up-to-date and employees are keeping appropriate backups. This is especially true if these tasks would normally have been handled by IT staff who now may have reduced access to the employees’ devices.
Where time and resources allow, create clear procedures or points of contact for IT support so employees can easily tell whether an IT-related request is legitimate.
Jessica Zimmer is a California-based writer.
Sources (external links):