Most corporate employees are still using remote working tools to help beat Covid-19, according to a recent survey by human resources consultant 21st Century.
However, South Africa’s Internet Service Providers’ Association (ISPA) cautions work from home employees that the high-speed data connections, cloud-based file sharing and other remote working tools that enable the new normal are not without risk.
“The shift to remote working has many benefits, but also creates new security risks because employees working from home may not have the expertise to properly secure themselves against online threats,” says ISPA chair André van der Walt.
ISPA has created a public advisory to provide some basic advice that every South African working from home can follow to reduce their security risks.
ISPAs shares some practical tips for immediate implementation:
* Backup your data. Not only does a backup protect you from a physical hard drive failure, but it also protects you against ransomware. This is malicious software that exploits a security vulnerability to seize control of your computer and demand you pay a ransom to return access to your data.
* Install antivirus software and ensure that you install security updates when prompted. Viruses and malware frequently target known vulnerabilities in operating systems and applications, and software updates patch these holes so it’s important to install them as soon as possible.
* Don’t use the same passwords for your email and social media. In fact, don’t use the same password for anything. Use your web browser’s built in a password manager (or install a third-party one) and use it to generate strong, unique passwords that you don’t need to remember.
* When it comes to your smartphone, don’t install apps you don’t need. Delete apps that you don’t use. Installing an official app offered by your bank or your mobile provider is likely to be safe. However, while most mobile app stores also take steps to prevent malicious apps from being added to their stores, installing an app from an unknown company can be risky.
* Keep an eye on the data used by your phone. Unexpected data usage can indicate that there is an app sharing information that it shouldn’t be sharing. Not only can this be costing you money, but it may also be putting your personal information at risk.
* Don’t click on links in email – rather type the addresses yourself. These links can often be used to harvest your credentials. Similarly, be wary of opening attachments from anyone you don’t know. Scammers often hide malware in files with odd file names (such as .com, .ace, .rar, or .htm. If you don’t recognise the type of file, the chances are high that it is dangerous.
* Make sure you’ve changed the WiFi router password from the factory-set defaults. The default password is not the same password you use when connecting to the WiFi, but the administrative password used to log in to your router. If you have not changed this, anyone within WiFi range can potentially gain access to your router and hijack your home network.