You have been working from home on your laptop what you need to do when you connect to tcs network

As many companies adopt work-from-home (WFH) policies in response to the Covid-19 pandemic, cybersecurity is a growing issue. The workforce has access to confidential company data, so how does one ensure data/system security while working from home? Devashish Sharma, CTO at Flock (a proprietary messaging and collaboration tool), lists four easy steps that can help you keep your data secure.

Prevent unauthorised system access
The fear of unauthorised access is way higher during these times as hackers know a large portion of the population is working from home. Every small and medium business needs to have a strong access control policy defined for their employees. So how does one prevent unauthorised access?

More than half of the data breaches happen due to weak or old passwords. Use passwords, and strong passwords and change time at regular intervals. Do not write down your passwords on your laptop/computers. Also, if you move away from your computer, even for a washroom break, lock your computer. It doesn’t matter that you’re living alone and don’t have anyone around. There are multiple tools available to see if your password is compromised.

Two-factor authentication
Two-factor authentication adds a layer of redundancy to ensure that only the actual account owner can access their account. A hacker could steal an employee’s password, but they probably won’t have a phone that receives the verification code or what is commonly known as OTP. Also, the hacker wouldn’t have access to a fingerprint, which is used in some systems. Honestly, adding one extra layer to the login process could make a lot of difference in keeping hackers out. Two-factor authentication systems can also serve as a type of alert when an unauthorised user is attempting to log in to an account.

Beware of phishing emails and messages
According to a recent report, phishing scams and malicious Covid-19 links have grown from 15 in January 2020 to 54,772 in March. If you ever receive an email around PPEs, masks, hand sanitisers, etc., think twice before clicking on the link. There is an increasing number of cases where employees receive such emails, which once clicked on provide an inroad to hackers with malicious intent.

Secure your home networks
Even if you have a separate work laptop provided by your office, while working from home, you would be using your home Wi-Fi. And your organisation’s IT team has no control over it what so ever. Changing password to something far more complex than just names or birthdays of family members is the most basic step in securing the home network. Use a virtual private network (VPN) on your work device before connecting it to your home network is another security practice that should be followed. However, make sure to avoid free VPNs as they are not safe and usually compromise security, killing the purpose of using it in the first place.

While working in an office has its benefits, the ability to work remotely without losing any access to necessary information has become more pivotal. Remote access allows employees a broad range of functionalities they might need while working miles away from the office. Remote access actually enables one to log into their company device as if in the office. This ability to access company information, systems, and networks, as if sitting directly in front of their office desktop, from wherever they may be in the field carries a ton of utility.[1] Whether it be allowing employees to better their work-life balance, or just providing an operator with a wealth of resources while out conducting business, a company stands to gain a lot by providing their employees with the tool of remote access capabilities.

Virtual Private Network

There are, however, risks that come from implementing remote access programs. These risks vary based on which type of remote access setup is used. One common practice of remote access security is referred to as a VPN or Virtual Private Network. This kind of remote access involves providing employees with access to their company’s networks, systems, and servers and the data contained within through a virtual tunnel from the remote entry point of the employee’s device. As one can imagine, with increased access comes increased vulnerability. Creating numerous connection points that are unconfined geographically thus creates more susceptibility to the wrong person gaining access to the secure and often confidential information kept by companies. A VPN provides security for the remote access process by acting as a safe channel for a user to access their desktop or company’s systems remotely by using encryptions.[2]

Security Concerns

One example of vulnerability is the device being used. It often is the case that such devices are personal possessions of employees and thus cannot always be controlled or protected in such a way that company property can. By disallowing employees to use unsecured networks while also accessing their company’s network, the ability for a hacker to breach through is decreased. Another common security concern for remote access is violations of the server being used as the middleman between the two ends of the remote access. Using firewalls and encryption techniques can protect from such incidents. One nifty trick to secure remote access from the other end is verifying IP addresses using what is called a protocol analyzer. By checking the IP addresses that they are trying to gain access a company can be sure that the users on that end are those granted access and not hackers or unauthorized users.

The resources that are made available that were formerly only accessible while physically in the office enables people to perform their job at a much higher level while allowing a company to change as technology continues to be enhanced. The importance of securing these methods of remote access are thus paramount as the volume of remote access methods increases. 

Total Computer Solutions offers customized security training as well as security consulting for businesses throughout the Piedmont Triad region. Fill out the form to be contacted or call us at 336.804.8449 for more information about how our security training for employees can strengthen your network security.