By Aisheh Barghouti
“Wash your hands!” has become the mantra for the coronavirus pandemic.
Practicing good personal hygiene, though it seems simple, has been touted by medical professionals worldwide as a key way to stop the spread of the virus.
But like good personal hygiene, practicing good “cyberhygiene” has never been more important.
As COVID-19 spreads throughout the country and around the world, companies now must have their employees working remotely. This directive has shaken the business world, leaving workers and their bosses scrambling to adjust to a new reality.
“The security and privacy implications of working from home are staggering,” David Finn, an executive vice president at Cynergistek in Austin, Texas, told Digital Privacy News.
According to Finn, the potential privacy missteps for remote workers are many: forgetting to password-protect devices, even having a laptop screen visible through an open window.
“We just don’t think about privacy the way we need to when we’re thrown into a new work situation,” he said.
Even if workers use their employer-issued devices, they’re probably still using their home networks.
That, Finn said, could introduce vulnerabilities into the system if the home network was not set up securely and properly maintained.
So, were American businesses ready for secure employee telecommuting?
“I’m sorry to tell you that I know that the businesses were not prepared for this shift,” Finn told Digital Privacy News. Workers, too.
Effective telecommuting often requires detailed initial setup, maintenance — and the careful communication of and adherence to company policies and procedures.
In a global pandemic, requiring an estimated 1 in 3 Americans ordered to stay home, businesses are building the necessary telecommuting infrastructure as they go.
In recent years, many companies have allowed employees to work from home for greater flexibility. But some businesses do not have a framework or policies for effective and responsible telecommuting.
Some firms have turned to such platforms as Zoom, Hangouts, Teams and Slack — but each comes with its own risk of data leakage or security breaches.
Finn warned of an uptick in coronavirus-related phishing and malware attacks.
“It’s not rocket science,” Finn said. “Use common sense.”
Here are some effective ways to practice good cyberhygiene during COVID-19:
- Use strong passwords with two-factor authentication.
- Use a VPN for an encrypted connection.
- If possible, use distinct “work” and “personal” devices. Otherwise, try to keep personal and professional items separated.
- Update and patch software and operating systems.
- Update firmware on home network devices and computers.
- Disable smart speakers during meetings and calls.
- Change the password that’s automatically generated on the home modem.
- Lock or set timeouts on computers and phones.
- Be aware of surroundings, particularly when working with sensitive information.
- Properly dispose of hard copies of sensitive documents.
- For companies, be sure to provide guidance and support to remote employees so they can work securely.
- Maintain home networks for security. “Employees are the first responders in this analogy,” Finn said. “They’re the first line of defense.”
Aisheh Barghouti is a Digital Privacy News Staff Writer.