Since teleworking and hybrid mode have become part of everyday life, ensuring the company’s cybersecurity is increasingly complex. The “office” is no longer limited to the company headquarters… Living room, bedroom, cafés and shared workspace are the new workplaces and access points to the company network. Let’s take a look at the best practices to adopt to minimize the risks with your organization.
Beware of Public Wi-Fi Networks
In a telework context, you may be authorized to work from anywhere. It will therefore not be uncommon for some workers to choose to work in a shared workspace, or in a café. The danger is that if a hacker connects to the same internet network as you, they may be able to spy on all of your activities.
Use a VPN
The VPN is a virtual private network. This is a service that establishes an encrypted and secure connection between your computer and the Internet. By doing so, you get a private tunnel for your data and communications when surfing on public networks. (Avast, 2022)
Its use allows you to maintain your privacy online. Thanks to him you cannot be targeted according to your geographical position. It kind of acts like an invisibility cloak!
Choose Concrete Passwords
We can never repeat it enough, choosing a long, complex, and unique password is essential to protect all your online accounts. Hackers have sophisticated software that can find a password of fewer than 12 characters in just a few minutes.
In order to make their task more complex, choose a password that respects the following 3 characteristics:
- A long password: more than 12 characters,
- A complex password: which contains special characters, upper and lower case letters, and numbers
- A random password with symbols: avoid using words and first names, the more unintelligible the password, the more effective it will be.
Tip from MS Solutions: Use a password vault to save all your passwords and to be able to use a different password for each application, without taking the risk of forgetting them.
Use multi-factor authentication
Multi-factor authentication helps ensure that the right person is trying to log in. As its name suggests, multi-factor authentication requires that, to log in, the user must use at least two authentication factors.
For the implementation of multi-factor authentication, there are 3 types of factors:
- Something we know: password, security questions…
- Something you own: authentication applications, secure SMS with code…
- Something that one “is”: fingerprint, facial recognition
This connection mode ensures that the right person is trying to connect. This is double security if someone gets your password.
Protect Confidential Information
Do not leave your computer equipment or computer documents in plain view. In order to preserve the confidentiality of your organization’s data, adopt the good reflex of locking your computer screen when you leave your office (even if you are simply going to the breakfast room). Simply avoid leaving your computer equipment unattended to protect yourself against a glance at your screen that would not be trivial, or even worse, a theft of your equipment.
Pay Attention to Personal Computer Equipment
Your company may authorize or practise “Bring Your Own Device” in order to allow you to work from your own connected devices (cell phone, laptop, etc.). This mode of operation is not without risk. On the one hand, the fact that you store sensitive data and professional access on your own devices increases the share of risk. On the other hand, private use, and therefore the increase in use of the device increases the risks. Probability of cyberattacks.
In order to deal with its risks, we recommend that you perform your updates whenever necessary. We also recommend that you only download approved and certified software, but also to have an up-to-date antivirus. Do not hesitate to contact your IT department if you have any doubts about security issues.
In short
As we have just seen together, the risks are accentuated in a context where “the office” is no longer confined to a physical place managed by your organization.
Do not wait to commit the irreparable by jeopardizing the organization for which you work to address cybersecurity issues. To do this, take the right steps now and remain vigilant at all times to avoid falling into the trap of a hacker.
Do not hesitate to contact our team for any questions.