COVID-19: Securing Work From Home

COVID-19: Securing Work From Home

Working from home is quickly becoming the new norm. Obviously, this has a lot to do with the Covid-19 epidemic, but things were already moving in this direction anyway. This isn’t necessarily a bad thing, as many people prefer to work from the comfort of their homes. Unfortunately, home networks and devices tend to be a lot less secure than corporate equivalents. Let’s consider the scale of the problem and discuss several workable solutions.

Understanding The Problem

Cybersecurity is more important than ever because hackers have become such a big problem. As society begins to depend on the internet more and more, it is natural that some would choose to exploit the situation for financial or ideological gain. But if you have never been hacked, you probably don’t understand how often it happens.

Let’s look at some statistics to see how common this problem might be. The data begins in 2005 and goes up to the end of 2019, so it gives us a good idea of the trends over the last 14 years. What we see is a statistic that keeps going higher and higher.

In 2005, about 157 million data breaches were reported. That sounds like a lot, but it only gets worse from here. As of 2019, we are looking at roughly 1.5 million reported incidents. That amounts to roughly 165 million records being exposed. These numbers include both large and small breaches, so let’s look at an example of a particularly large one.

Zynga is a company that makes mobile games for Android and iPhone users. This company is most famous for a game called “Farmville,” a farming simulator that you may already know. On Sept. 12, 2019, Zynga made an announcement to its investors, admitting that a major data breach had taken place.

The login information and personal details of over 172 million accounts were compromised by a single attack. They got usernames, passwords, Facebook IDs and phone numbers, although the company insists that no financial information was accessed by the hacker, known only as “GnosticPlayers.”

Security Solutions

Now, let’s talk about some solutions that can help to keep you safe while working from home. We will do our best to avoid highly technical solutions, focusing instead on things that the average person can do.

Strong Passwords

Passwords are your first line of defense against cyber-intrusion. Believe it or not, a password can be a very effective defense, but only if it is used correctly. If you use a common word from the dictionary like “moon” or “dog” or something like that, there are programs that can crack the password in minutes. This is referred to as a “brute force attack.” However, these programs are limited in their ability to crack complex and random passwords. Thus, you need to make sure your password fits the following criteria:

  • 18-20 characters long
  • No common names or words included
  • At least three random numbers
  • Both upper and lowercase letters
  • Private VPN Networks

Encryption is your next line of defense, and it tends to be more impregnable than the first. Encryption works on a simple principle: It takes all of your data and jumbles it up, making it incomprehensible to an intruder. Thus, even if the attacker gets the data they want, they will be unable to read its content and use it effectively. At a fundamental level, all computer data consists of ones and zeroes (referred to as binary code). Once you mix it up, it becomes impossible to unscramble.

The easiest way to deploy encryption in a home-worker setting is to use a company VPN. This should be a private VPN network that only your employees will use. A VPN (virtual private network) creates an encrypted “tunnel” between you and the websites that you use. As long as the password is well-guarded, VPN networks tend to be quite secure.

DNS Encryption

You might also consider encrypting your systems at the DNS (domain name server) level. Some attackers can bypass VPNs and other types of network encryption by going farther up the chain of connections. If they can’t hack your network directly, they can often hack the DNS server that you use. If these servers are unencrypted (and many of them are), it’s not that hard for them to gain access. Thankfully, there are a number of tools that can be used to encrypt your DNS and close this big nasty backdoor.

Multi-Factor Authentication

Multi-factor authentication is another step that can do a lot to secure your network. Hackers will often gain access to a network by disguising themselves as a legitimate user. If they can’t hack the network itself, they might try to hack one of its users. Once they gain access to an account, they can use it to do all kinds of harm without exposing themselves in any way.

When someone logs into your network, you might ask them to complete a CAPTCHA to verify that they aren’t a bot. Many hackers use bots (AI-driven programs) to do their dirty work, so this one step will eliminate many risks. For account creation, you should make people verify a phone number and any other personal information that you deem relevant. If you make yourself a more difficult target, hackers will probably back off and look for an easier one.

Be Very Careful About Emails

Finally, you need to limit the use of private email on the network. Email phishing is one of the most common hacking methods (some say it’s the most common!), and it is likely to be the first avenue of attack. Hackers will often try this as a first step because it is so easy. If it succeeds, they have gotten what they wanted with ease. If it fails, they lost very little in terms of time and effort. For that reason, you need to make sure that only authorized email accounts are used while connected to the company server.

Conclusion

Although we have tried to scare you a little bit, we don’t want to exaggerate the threat. We don’t want you to be paranoid, but it always pays to be watchful. When you see something that doesn’t look right, stop what you are doing and investigate immediately. Tools like Nmap and Wireshark can be of great help in this department, but that is a subject for another time. If you have enjoyed this article and would like to learn more, please fill out the contact form below.