Working Securely from Home
Over 70 percent of global employees work remotely at least once per week1. With the restrictions on public life due to the Covid 19 pandemic, working from home has suddenly taken on a new significance. Many companies are faced with the challenge of enabling their employees to work from home. In the rapid transition from office to mobile working, it is almost impossible to fully implement all the requirements for IT security. Also, employees are often not sufficiently trained in how to behave securely at their home workplace.
The following article provides a general overview of what companies as well as employees need to do to minimize cybersecurity risks in the home office.
What are the duties of the employer?
For a secure work from home environment, the employer must take some steps that require a high level of technical know-how2. The most important security mechanisms that every work computer should have, are explained below:
A Virtual Private Network (VPN) opens a "tunnel" through the World Wide Web to connect directly and securely to the company's network.
Regulated software installation on company devices through authorized employees prevents unintentional installations of malware but shouldn't affect the updatability of the device.
When using Two Factor Authentication a potential thief would have no direct access to the company systems. This technique can be realized with different means, such as a smart card, a secure pin app or an identification USB device.
How you can contribute to information security!
Please install all the latest security updates, as well as an antivirus program.
You have probably heard this sentence a thousand times. But this is a simple and extremely effective way to prevent cybersecurity attacks.
But what else can you do? And what are the most important measures that can be taken to ensure security when working from home?
Let's start with the workplace:
Of course, the general rules for handling documents apply just as much at home as they do in the company. Care should be taken not to leave confidential information lying around for unauthorized people to see or for children to paint on. Why not lock the documents away in the desk when you're done working?
Now the end device:
If you dial into the company network, it is very important that you disconnect this connection again when you have finished working. Never use the VPN for private purposes or imagine your child sneaks in and is surfing via your employer's Internet connection disguised as you.
Last but not least, awareness:
All security measures can be as good as they want to be. You, as the last line of defense, can contribute the most to information security. Always remember to use a strong password, lock your computer always after leaving the workplace and don't open emails prematurely.
Further information (in German):
- FHWS (Ed.). Informationssicherheit am Arbeitsplatz
- BSI (Ed.). Checkliste für Mitarbeiter – IT-Sicherheit im Home Office
About the authors
Hakan Arda works as an information security assistant and realized how important awareness actually is in his field.
Sebastian Lober studies computer science, loves to drink coffee and has been working from home since the first lockdown.
Maximilian Volk’s goal as a security expert is to stay one step ahead of the attackers.