What should remote workers pay attention to to ensure data security in cyberspace?

Illustration photo.

The Covid-19 pandemic has permanently changed many aspects of our daily lives, including the workplace. According to a report by global management consulting firm McKinsey (USA), remote working has become popular, with nearly 58% of Americans choosing to work remotely.

Working remotely has many advantages such as choosing a work location, being able to combine company and family work, saving on travel costs, avoiding distractions, etc.

However, besides the positive aspects, working remotely also has limitations such as network connections that may not be secure and lack of timely support from IT staff when you encounter problems.

In addition, when working from a location other than your office, the cybersecurity risk is higher, you may face a variety of data security threats. Therefore, to ensure your remote work environment is as safe as possible, security experts have come up with a list of 8 ways that remote workers need to know to ensure data security in cyberspace.

1. Avoid working in public places

One of the biggest benefits of working remotely is that you can choose a suitable working environment to bring the highest efficiency, which can often be a public place such as a coffee shop, library or park,... However, by working in public, you are exposing yourself to serious cybersecurity risks.

One of the first and most immediate risks is the risk of data security loss from surrounding bad guys, also known as shoulder attacks, which means hackers will sit behind you, take advantage of your concentration and lack of vigilance to peek at all your activities over your shoulder to record the login information you have entered into your personal device. Then, these hackers will use the collected information to create cyber attacks later.

The second risk when working in public is the risk of data leakage through the use of public Wi-Fi networks.

2. Do not use public Wi-Fi networks

If you have to work in a public place, you should avoid connecting to public Wi-Fi networks. Free Wi-Fi connections are often provided in public areas, but these connections are often not secure. Using public Wi-Fi connections for work increases the risk of cyber attacks and puts your personal or organizational sensitive information at risk.

“When you use a public Wi-Fi network for work, you are inadvertently connecting your laptop or personal device to the same network that other people can log into, which means they can hack into your network, depending on the security capabilities of your personal device,” said Patrick Hevesi, vice president of data analytics at technology research and advisory firm Gartner (USA).

Working in a public space while not using public Wi-Fi may seem like a paradox, but there are simpler and more secure solutions. The first is to use a virtual private network (VPN) when accessing corporate information in public.

A VPN is a virtual private network that adds an extra layer of security through an encrypted connection between your device and the Internet. If you're using a company-provided device, chances are it already has a VPN service installed.

Tapan Shah, Cybersecurity Leader at EY Americas Consulting (USA), advises that if you must use public Wi-Fi, use a VPN to access sensitive company information.

Another simpler solution is to use a personal hotspot on your phone. Personal hotspot can be easily enabled from your smartphone settings allowing you to share data from your smartphone to your other personal devices.

“If for whatever reason the connection to the VPN is too slow, it is recommended to use the personal hotspot on your phone as the personal hotspot on the phone is secured through the phone connection,” Tapan Shah added.

3. Invest in anti-virus software

Antivirus software is an effective and important way to add an extra layer of security to your personal devices. “The reason why they are important is because there are still a lot of vulnerabilities in operating systems. Threat actors are looking for those types of vulnerabilities to try to get into your device, and antivirus software will detect and eliminate them,” explains Tapan Shah.

If you're using a device provided by your company, it may have some form of antivirus software pre-installed.

However, even if you occasionally access sensitive organizational information on your personal devices, such as your phone or personal laptop, installing antivirus software can make a difference. You can also benefit from an extra layer of protection for personal information such as credit card numbers, medical records, etc.

4. Regularly restart and update software for devices

Typically, when we think of the benefits of software updates, we think of new features or improved device performance. However, software updates also provide the latest security fixes for your device.

When updating all of your devices, you need to think about more than just the obvious things like your laptop and phone. All Internet of Things (IoT) devices connected to your network, such as smart home gadgets, need to be updated to reduce the number of security vulnerabilities on your network.

One of the most important devices to keep up to date, and perhaps the easiest to forget about, is your router. Regularly updating and rebooting your router not only helps with its performance and ability to connect to the Internet, but it also ensures that it has the latest, most secure software installed.

5. Set a strong and secure password

Setting strong, unique, and secure passwords may seem like the most effective preventative measure, but it's often overlooked by users.

To establish a strong first layer of protection for your accounts, be sure to change the default password to a unique, account-specific password.

Password security is important because it is the first line of defense, says security expert Tapan Shah. Make sure you have a strong password and don't use the same password for every other site you might be visiting.

Default passwords, like the one on your router, are standard across many different devices and subscriptions. However, these default passwords pose a security risk because they can be easily discovered by hackers.

Usually when you receive some types of routers from your Internet Service Provider (ISP), they come with a password pre-installed. Most people never even change that password, which makes it easy for hackers to break in and launch attacks on your network.

Therefore, security experts advise that users should reset their own passwords for routers to ensure safety when using the network.

6. Beware of Phishing Attacks

Phishing attacks are becoming increasingly common on the Internet and telecommunications networks. They are constantly increasing in number, complexity and sophistication. With the development of technology, attacks are becoming easier. Attackers are constantly trying to penetrate the networks of organizations.

In phishing attacks, scammers try to get your personal information by impersonating a trusted website, email, link, or message that you normally interact with.

Once you interact with the link or file sent via email or phishing message, scammers can infect your personal device with malware to steal personal information.

If you think an email message is a scam, don't open any links or attachments. Instead, hover over but don't click the link to see if the address matches the one entered in the message.

Attackers can also carry out phishing attacks in many different forms such as: luring users to access fake websites, phishing via social networks, etc. Therefore, users need to improve their knowledge and information security skills to protect themselves when participating in the Internet and telecommunications.

7. Regularly back up data

The best way to protect yourself from ransomware is to regularly back up your data. As the name suggests, in a ransomware attack, hackers threaten to publish or delete your information until you pay a ransom.

If you back up your data regularly, even if you are the subject of one of these attacks, you can still restore your data from your own backups without having to pay the ransom.

There are many ransomware attacks going on nowadays. If you back up your data regularly, it will help you recover your data if you are attacked by hackers.

To back up your data, you can choose from a variety of cloud storage services such as iCloud, Dropbox, or Google Drive. You can also choose to back up your data to a physical entity such as an external hard drive.

8. Be careful with family members

While you may trust family members, it's important to remember that your computer contains sensitive information about your organization.

One accidental click by a child could potentially share highly sensitive information with your entire organization or even worse, with outside entities that could use that information to cause harm.

To avoid incidents like this from happening, you need to set up automatic locking whenever you are not actively using them and should teach your children about the dangers of the Internet from a young age to keep both yourself and your information safe.