Now that we are all settled into working from home, take a minute to consider whether your security is up to scratch.
A lot of this might seem like plain common sense, and you’re probably on top of it already. But we thought that in these stressful times it might be worth stopping, taking a breath and checking the security of your remote working setup, just in case. Much of this you can tend to yourselves, but if you’re unsure, Mac Aid are still here, and happy to help you through it.
Mac Aid working from home security check list
Many of you are possibly accessing your employers servers and network through a VPN, or dealing with company data on a cloud service like DropBox or Google Cloud. Or perhaps you’re self-isolating at home and finding that you are more dependant on your internet connected devices than you have ever been.
Home networks are inherently less secure than corporate networks, which are generally protected with sophisticated firewalls, and so scammers and cyber-criminals see our current remote working situation as an exciting new opportunity. Make sure your home network is as safe as it can be.
So take a minute to consider the following:
1: Is your home internet connection as secure as it should be?
A surprising number of people leave their home routers and wifi with the default passwords they came with.
In the past that might have sufficed for your own personal uses (although it still isn’t ideal), but this makes your network inherently less secure. It would be good practice to change that password to a strong and unguessable one, that will be unique to your network.
Generally configuration of your router or wifi will be via its IP address, which on a Mac you can find in your System Preferences/Network/Wifi under the advanced tab. Copy the IP address you see beside “Router” and paste into a web browser, and you should be looking at the configuration page for your router. If your router is using its default user name and password, they will most likely be printed on a sticker on its base. Make sure to keep a record of what you change your router credentials to. You will have to re-authenticate all of your devices to use your router/wifi (using it’s new password) after doing this.
2: Is your laptop or desktop computer properly secured?
Your laptop, computer or phone, should be set up to require an unguessable password, or to use touch-ID, to log into it or wake it from sleep. While it might be convenient to have your device set up to not require a password, this is a serious security risk if your system contains details to log into company servers or accounts and has those passwords saved. So make sure your system is set to require a password or touch ID to open.
On a Mac, this is set up in two places in your System Preferences. In System Preferences/Users & Groups: Under Login Options, make sure that “Automatically login” is set to off. You will have to authenticate with your administrator password to change this setting. In System Preferences/Security & Privacy, make sure that “Require password” is set to a modest, yet bearable time-limit, like 15 minutes. Again, you will have to authenticate with your administrator password to change this setting. If you are using a recent era MacBook Pro, MacBook Air or MacBook, make sure that you have set up Touch ID to secure it with your fingerprint.
3: Are you alert to phishing attacks?
With so many of us working remotely now, the chances that someone you know will have their email account compromised are greater. If you receive emails that purport to be from people you know that ask for payments, passwords or such, firstly, stop and consider them, and then check directly with that person by phoning them, or if you are using a chat platform to communicate with co-workers, perhaps ask them there.
Be particularly alert to emails seemingly from suppliers informing you of new payment arrangements or unpaid bills. If you’re still in doubt, ask Mac Aid to quickly look at any suspicious emails for you.
4: Is your system free of malware?
Your company servers and networks are likely well protected from malicious attacks, but your home network and systems might not be. By connecting your home network to your work network, you might unknowingly be creating an entry point for attacks.
As always, the most important thing you can do is to be hyper-aware, and not open any suspicious emails or attachments at all. Also be wary of installing browser plug-ins or other new software that you can’t be certain is from a reputable software company.
Ultimately if you want to be as secure as you can be, virus protection software might be the answer. But be alert that some software that purports to “clean your Mac” or otherwise scan for viruses, is in fact malware itself. Be especially wary of any virus protection software that suggests itself to you via pop up windows whilst web browsing.
Malware Bytes is a legitimate virus protection application, and are offering a two month free trial currently. You could avail yourself of that offer to ramp up your level of protection right now, and decide at a later date whether you wanted to buy into it or not. Phone the Mac Aid office to arrange your free trial.
Don’t let the current stressful environment cause you to make unsafe choices or take unnecessary security risks. If you receive any email or message that seems suspicious, stop, consider it, and check its authenticity before doing anything at all.
Mac Aid is still here to help, just ask.