Free Cybersecurity Strategies for the Homebound
Well, April is almost over, and most of us are still teleworking from home. Last month I discussed some basic requirements for working remotely, and given that the coronavirus pandemic is still very much affecting our working lives, I’ve decided that this month it would be good to build on some of the concepts introduced last month.
Ideally, a teleworking work force would be providing the laptops or even desktops they need from their organization, and these devices would be setup according to approved standard guidelines with centrally managed endpoint protection agents, and an application such as Citrix, or VMWare Horizon to allow them to remotely connect securely to a virtual desktop housed in a secure datacenter or cloud. All work product, and sensitive information would be stored on these virtual desktops and the local device at the employees home would be used only to connect to the secure central infrastructure.
However, for many small businesses this is simply impossible given their budget, not to mention the dire outlook of the global economy. Many of these small businesses are relying on their employees to use their home computers to perform their duties. While I understand that this, in many cases, cannot be helped, I cannot emphasize strongly enough how dangerous this can be from a cybersecurity perspective.
Your typical home PC sits behind an ISP provided router that is configured to let just about anything through to the home’s endpoint devices. It may or may not have an antivirus installed, and even if installed it may not be running or updated. Most PCs have the Microsoft Windows firewall installed, but again, it may or may not be enabled. Often, users on the PC have their own accounts, but just as often, they do not, and even if they do, it may not be password protected or other people in the household may know the password.
That is a recipe for disaster.
Here are some actions you can take for free to help mitigate the risk that company data will be compromised:
- For Windows 7 machines, go to https://www.microsoft.com/en-us/download/details.aspx?id=5201 and download Microsoft Security Essentials. This is a free antivirus provided by Microsoft.
- For Windows 10 machines ensure that Defender is up and running. You can type in Windows Security and manage it all from there. Make sure that all icons have green check marks next to them.
- Make sure that Windows Firewall is up and running. This will be in Windows Security on Windows 10 machines and can be found in Windows 7 simply by typing in “Firewall.”
- Make sure that the PC is fully updated with all critical security patches and that the update schedule is set to automatically download and install updated. Windows Update is located in the control panel for Windows 7 and it is in Settings on Windows 10.
- Require employees to create separate work profiles on their PCs that are password protected.
- Make all user profiles ‘standard users’ unless they absolutely must be administrators on the PC. Children especially should never be administrators.
- Most importantly, make sure your staff is educated as to cybersecurity threats (especially Phishing). There are many great resources on the internet, or contact us at Digital Edge and we would be happy to help you get started.