Pro tips: Cybersecurity working from home
Hello all,
For anyone who is working from home due to the COVID-19 pandemic, I would like to take a moment to discuss a significant issue that will affect us all: cybersecurity. Working from home poses unique risks because we are no longer working behind the protective layers of corporate network security. On that note, for those of you who are not security professionals, this message is for you. Here are a few simple things that you can do, if you have not already been given directives from your corporate cybersecurity professionals, to help ensure your personal and your organisation’s cybersecurity. (Please do not use this posting as a means to debate which software, combination of software, best practices, etc. work best.)
1. Make sure you have an active, up to date antivirus software installed on your machine. McAfee, Norton, Windows Defender (Economical Route), Total AV, Trend Micro, etc. will work. Do your research on the many different products that are out there.
2. I recommend a paid version of a host-based firewall on your computer. I use ZoneAlarm because it is very simple to use, and it has a threat enumerator that checks files that I download before opening the file. It will slow down the process of opening an attachment just a touch, but it is worth the tradeoff to make sure that my personal and company data assets are secure. There are other host-based firewalls such as Comodo Firewall, GlassWire, ZoneAlarm, and the Windows Firewall that comes pre-installed on a Windows machine, to name a few.
3. Use an active scanner, and the only recommendations that I will make here are Malwarebytes or Bitdefender. Not to go into a head-to-head comparison, but both products offer protection against crypto viruses, ransomware, and rootkits, and are active scanners, meaning that they are continually monitoring your system.
At this point, you may be asking yourself, “Well, aren’t all of these some sort of anti-malware program?” The short answer is yes, but the long answer is that each product works in its own way and offers different levels and types of protection. Furthermore, as a security best practice, security professionals protect their assets using “Security in Depth”, or security in layers like an onion. Each layer is an additional defence protecting your precious assets.
4. Use a strong password! I cannot overemphasise this. Your passwords should have the following characteristics.
• 14 – 16 Characters in length.
• Be complex, meaning that they use a combination of upper/lower case characters, special characters (^*&#@!), and numbers.
• Refrain from using everyday words that are found in a dictionary. Instead of spelling the name “Blue,” spell it this way, “b1Eu,” for instance.
5. Make sure that the default gateway in your home (that is the device that brings you the internet) has the appropriate security settings applied. Default gateways in your home are generally network-based firewalls. Contact your local internet service provider if you need help in the configuration of the appropriate security settings on your firewall. These devices are pretty easy to configure.
6. Change ALL default settings on any devices in your home. A default setting is the setting that a device arrives with from the factory. That means changing the username and passwords on your routers, gateways, computers when they are new.
7. If you are using wi-fi in your home, as most of us are, strong passwords and the appropriate security settings for the wi-fi network are a must. Please do your research when configuring the security settings of your home wi-fi network. Security settings will vary from device to device, and if you are using an older machine that lacks current recommended security settings, then you may need to upgrade your equipment.
Generally, the most secure recommendation for a wi-fi network is WPA2-PSK (AES), WPA/WPA2-PSK (TKIP/AES), or WPA-PSK (AES). These are the most secure settings and will vary from device to device. That is why I say, do your research for your device at home and see what security it offers for your wi-fi network. If you have a legacy device that only provides WEP 64 or WEP 128 or something in that range… then it’s time for a new default gateway or wireless router (WAP). Just my recommendation.
8. When checking emails, DO NOT click on any links or download any documents from senders that you do not recognise. That means:
• Verifying the sender to see if the sender’s name and email address match the actual domain of the company from which the email is supposed to originate. This can be tricky because attackers can make up some pretty convincing email addresses.
• If the sender does not know who they are addressing, with the email starting with something generic such as “Sir, Ma’am or to whom this may concern” or anything like that, then further investigation is needed.
• Again, embedded links or downloads, do not click on these. If you happen to do so, some of the software programs such as ZoneAlarm (mentioned previously) have features that prevent you from being redirected to malicious sites. Regardless, you still want to be conscious of what you are clicking.
• If the email contains terrible spelling or grammar, or seems like it was written using an online translator, then this may be an indicator of a phishing email.
• Be wary of emails that are bizarre, threatening, urgent, or that are promising things that are too good to be true. I suspect that some people out of desperation during economic hardships will be more susceptible to looking into offers promising financial relief. Please be very wary of these types of emails. Please.
• Trust your gut feeling after following the tips that I have provided. While anyone is susceptible to being conned or making a wrong choice, if after you have followed my suggestions and your gut is telling you, “No, don’t do it, don’t click that link,” then listen to your gut.
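The checks listed under item 8 can also be run mechanically over a message before anyone opens it. The sketch below is an added example, not part of the original post; the `KNOWN_SENDERS` table, the word lists and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: companies you deal with and the domains they really send from.
KNOWN_SENDERS = {"example bank": {"examplebank.com"}}
GENERIC_GREETINGS = ("sir", "ma'am", "madam", "to whom", "dear customer")
PRESSURE_WORDS = ("urgent", "immediately", "suspended", "final notice", "act now")

def domain_matches(host, allowed):
    """True if host equals an allowed domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in allowed)

def phishing_indicators(raw_email):
    """Return the checklist items a plain-text message trips."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    text = body.lower() if isinstance(body, str) else ""
    hits, trusted = [], {sender_domain}
    # Sender name claims a company, but the address is not on its domain.
    for brand, domains in KNOWN_SENDERS.items():
        if brand in display.lower():
            if domain_matches(sender_domain, domains):
                trusted |= domains
            else:
                hits.append("sender-domain-mismatch")
    # Generic greeting: the sender does not know who they are addressing.
    if text.lstrip().startswith(GENERIC_GREETINGS):
        hits.append("generic-greeting")
    # Embedded links that lead away from the sender's own domain.
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        host = urlparse(url).hostname or ""
        if not domain_matches(host, trusted):
            hits.append("link-off-domain:" + host)
    # Urgent or threatening wording in the subject or body.
    if any(w in msg.get("Subject", "").lower() + " " + text for w in PRESSURE_WORDS):
        hits.append("pressure-language")
    return hits

# Constructed sample message, not a real email.
SAMPLE = """\
From: "Example Bank Support" <support@examplebank-secure.example>
Subject: Urgent: verify your account

Sir/Ma'am, your account will be suspended. Confirm your log-in at
http://login.verify-account.example/confirm
"""
```

Calling `phishing_indicators(SAMPLE)` returns all four indicators for the constructed message; an empty list means only that none of these particular checks fired, not that the message is safe.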
10. If you are curious about a link when searching the web, there are many security websites that will allow you to paste a link or URL into a search box and will let you know if the site may be considered harmful. The one that I use is Google’s transparency report. I will contradict myself here and post a link, but the link to this site is: http://google.com/safebrowsing/diagnostic?site=
The other thing that you can look for in the address bar is to see if there is a padlock icon in the locked position when you go to a web site. This signifies that a secure link is made to send data between your web browser and the website. This is the HTTPS protocol, but it alone is not foolproof. Many legitimate sites have been compromised, so security in layers is still recommended.
11. Next, I will address using a PC cleaner on your machine. Old files, fragmented disk space, drivers that were partially deleted, the cache, and all sorts of maintenance issues can make it seem as if your device has been compromised or may be a way in for an attacker to get into your machine. There are many cleaners out there, and the one I use is “PC TuneUP PRO.” It is a paid subscription, and on that note, you do not have to use what I use. I do not get paid by these vendors to endorse their products. I only mention them by name because I have used them, am using them, or have tested them. In any case, your device must be maintained and cleaned like your home, office, or car. It is a device and taking care of it is a must.
12. Make sure your operating system is “up to date” with all security patches. Please check with your organisation’s IT professionals to make sure that updates do not interfere with any proprietary software that may be running on your machine.
13. DO NOT give out any log-in, personal, or company credentials to websites or emails that are asking you to confirm log-in information. I say again, DO NOT. Instead, go to the company’s website, get the phone number from their website, and call their customer service line. Attackers love to steal your information this way. If anything that is not a trusted, known website is asking you to confirm any personal information, or if an email redirects you to a website asking for this information, then DO NOT DO IT without confirming that the site is legitimate. If anyone calls you over the phone and asks you to confirm any company or personal information, make them verify their identity. Now, if you call your bank and they need verification, this is different. You called them, and I just hope you know who you are calling.
At the end of the day, follow your company’s SOPs, business continuity or emergency contingency plans for network security, if your organisation has any of this in place. Many organisations will have network access controls, endpoint protection, VPNs, full disk encryption, mobile device protection, or other controls and security measures in place that will mitigate the risks while we transition into a work from home environment across the United States.
For organisations that do not have a cybersecurity program in place, please do your research, use the information that I have given you here as a reference for your cybersecurity, and please reach out to any cybersecurity professional for answers to questions, advice, and knowledge of cybersecurity best practices.
Lastly, all fellow cybersecurity practitioners, please feel free to offer up good advice and add to anything that I may have missed. Let’s work together to make sure that we are keeping people, organisations, and our country’s cyber world safe.