Remote work has become common in large parts of the world, including the UK, which is now working remotely. The data confirms this: for example, Microsoft saw users on its collaboration platform. Teams generated 2.700 billion minutes of online meetings worldwide in a single day in early April, a new record and just under five times the amount generated four weeks earlier.
About the Author Chris Lin is the vice president of IT at Mozilla. While it is extremely important to stay connected and stay physically distant, there are serious privacy risks that need to be addressed. Working from home can increase the risk of unauthorized data transfer and sharing. User privacy can also be affected if a lot of unknown new tools are suddenly needed to get the job done. This is compounded by the fact that home networks are rarely as secure as the central office. As an organization, Mozilla has been focused on the security and privacy aspects of the home office for some time. Even before the crisis, half of Mozilla employees (and 69% in the UK) were working permanently from home. Employers must help their employees create a safe home office environment to mitigate risks to individuals and the business. When it comes to security, there are three main areas that should receive equal attention when designing a home office: computer security, data security, and connection security.
Informatic security
Businesses large and small often prohibit the use of private equipment for work, be it a computer or just a USB stick. However, in the home office, people can quickly stop adhering to these strict rules. Private computers and devices are also at higher risk, as they are not likely to have the same level of security measures as work devices. These tend to be overseen by an IT professional who has the right expertise to identify the right antivirus software and firewall systems and ensure regular updates. Therefore, it is best to only use employer-provided devices that have been previously secured by the company's IT department with common protection software. Business devices need to be protected in the home office; this means not using private USB sticks paired with other private devices (for example, via Bluetooth) or browsing questionable websites during lunch breaks. It is also wise to be especially careful when checking private emails at this time. Criminals are increasingly using phishing and attempting to spread malware into both professional and personal inboxes. It also highlights the importance of ensuring your work device is up-to-date to protect it from vulnerabilities – the browser and any other pre-installed software must always be kept up-to-date to do so. It's also important to make sure you're good at passwords. Weak passwords can be more easily guessed or hacked through brute force attacks on networks, and if business passwords are the same or similar to those used privately, it could prove catastrophic for your location. job. As such, when setting up business accounts, it is strongly recommended that you use strong contextual passwords only different from those used for private browsing and personal life online. Some of our specific advice on this topic can be found here.
Data security
Since many of us will have access to corporate resources from our homes right now, one of the main considerations for data security is where the data is stored. Especially since companies are expected to have access to employee data at all times. Therefore, a strict separation of professional and private computing devices is recommended, from laptops to smartphones and more. If this is not possible, the data must be stored at least separately. Many companies already rely on secure cloud storage solutions like Dropbox, Box, Onedrive, or iCloud. For these, users must always respect the internal regulations of the company, especially if they use a private device. Companies should encourage users to be careful when storing documents, and in particular not to store them on their private devices. This also applies when transferring data to third parties, eg customers or service providers. If you don't use secure platforms like professional email accounts, WeTransfer or Firefox Send, your data may leak and compromise business continuity.
connection security
Since working remotely means that people often have to exchange even more data with their colleagues than before, the way in which data is transferred is extremely important. Many companies use a corporate VPN, a virtual network, to access the internal corporate network, which stores all documents and programs. This is particularly well protected against data interception, which is essential when working from home. At home, people generally access the Internet through their private Wi-Fi network. In most cases, you are not very well protected against attacks. While free networks (in coffee shops, train stations, etc.) are known to be highly vulnerable to attack if not protected by a VPN, home Wi-Fi is also a weak point. Most people use their routers after purchase via Plug & Play, with the supplied standard password and a weak Wi-Fi key. It is not ideal for private use, but certainly insufficient for professional work. A secure connection strategy for a home office has several components. Regarding your home network, it is recommended to use at least WPA2 encryption for your WI-FI router or WPA3 if you have access to it on your device. Here it is also useful to ensure that all associated software and firmware is up to date. Similarly, make sure that you only access company data through a VPN and avoid using public Wi-Fi networks unless a VPN is used. Designing a secure home office is above all about consciously minimizing the most potential confidentiality and security factors. While not an exhaustive list, focusing on the three areas above will help give employees and employers more peace of mind and focus on the things that are essential to the business during this time. difficulties.