As whole teams move from collocated offices to remote work arrangements in the midst of the COVID-19 crisis, maintaining continuity in security best practices cannot fall by the wayside.
Keeping sensitive data protected when you and your colleagues are no longer using the same network to access it requires vigilance and teamwork. However, securing at-home networks—which can be implemented by any individual, not just the experts—can support your commitment to safeguarding that data on an ongoing basis.
Calder7, Relativity’s security team, has put together a list of these tactics to help members of our community build a fortress around their most sensitive data, even as it’s being accessed by widespread employees.
Take a look at the full list here, and please share it with your colleagues to encourage broad adoption of these precautions. In the meantime, here’s a shortlist of things to consider as you get started.
1. Configure Your Devices
The tools you use to access sensitive data need to be thoughtfully maintained. That includes documenting which devices you use for work, keeping all software updated with the latest defenses, and sticking to basic best practices around concepts like password hygiene and leveraging biometrics where possible.
Any device that’s connected to the internet is vulnerable to attack by bad actors. Do not make those attacks easier by taking a relaxed approach to device security. Working in physical isolation doesn’t make your devices any safer. If one of your devices may have been compromised, be sure to double—even triple—check that it’s clean before you reconnect it to the internet. Run multiple scans and ask for help to ensure the best defenses are in place.
2. Configure Your Network
At the office, your company’s IT team are the experts in setting up your network defensively and ensuring it remains as impenetrable as possible. At home, that task falls to you.
Precautionary steps in this area can be extremely simple (giving your WiFi network a non-default name and password or ensuring your router has a proper encryption protocol in place come to mind). They can also be more complex—for example, you might want to set up your work devices to connect to a different network than any personal or Internet of Things devices you’ve got at home. Your wireless network can also be configured to allow only authorized access to your home internet at all. And you may need to consider the use of VPNs.
3. Configure Your Behavior
Out of the mindset of going to the office every day, and feeling comfortable in your home environment, you may find yourself falling out of the habit of working with a security mindset. Beware of this complacency. It can be damaging.
Remain vigilant about keeping your devices locked, using caution while browsing the internet and clicking links, and accessing business data with your personal devices while you’re working from home. Without the safety net of your IT team’s closely guarded network to catch you if you make a misstep, your everyday choices require more caution than ever.
Don’t Be an Island
In addition to working with security in mind, you shouldn’t allow your physical isolation to separate you from the resources at your company’s disposal. Right now can feel we have built walls—“A fortress deep and mighty.” Instead, I encourage us to keep in touch with our teams’ IT and security experts to ensure we’re implementing the best practices they recommend. You should also alert those teams immediately if you think your data or devices have been compromised. Time is of the essence when it comes to warding off or resolving a potential breach.
Don’t forget to share our tips with your in-house experts and your other colleagues.
Amanda Fennellis chief security officer at Relativity. In her role, Amanda is responsible for championing and directing security strategy in risk management and compliance practices. She has a master’s degree in forensic science and more than a decade of experience in forensics and cybersecurity.