Working from home Cyber Security Tips
13 March 2020
In light of the COVID-19 pandemic, keeping sensitive information safe while working from home is a growing challenge. The pandemic is having a major impact on businesses, not only in Romania but worldwide, and its effects will be felt for the rest of the year.
From a cyber risk perspective, Deloitte Romania encourages Romanian employees to remain vigilant and take the following precautions when working from home:
- Do not connect to public wireless networks. Use the 4G hotspot from your work phone if you don’t have access to a trusted Wi-Fi connection. The same recommendation goes for private open wireless networks.
- If you do have to connect to an untrusted wireless network and you are presented with a captive portal or login/registration page, do not share any company or personal credentials.
- If you are not working from home but, for example, in a café, check your USB ports regularly. Malicious USB devices are not necessarily USB storage sticks: malicious devices acting as rogue keyboards can be concealed in cables or in any type of device with a USB plug.
- If you are not working from home, do not leave your laptop unattended. Modern attacks allow malicious attackers to steal your credentials even while your session is locked; access to a USB port is sufficient for this attack vector.
- Use a privacy screen if you are in a public place and keep an eye out for shoulder surfing.
- Ensure all devices use full disk encryption. If a machine is lost, the data on the device should not be accessible to unauthorized users.
- Even if you use a VPN connection, be aware that not all your traffic may be encrypted and protected. Misconfigurations may allow data to leak over unencrypted or misconfigured communication channels.
- Multi-factor authentication should be enabled for all employees. Logging in remotely without being prompted for the SMS/OTP code should raise a red flag: contact local IT ASAP.
- Waves of phishing email will most probably occur in the following days and especially over the weekend. If you’ve entered your credentials on sites that you’re not sure were legitimate: Don’t panic! Change your password and contact local IT ASAP.
- Avoid clicking on links in unsolicited emails and be wary of email attachments, especially encrypted archives or PDF/DOC/XLS files. Inspect links before clicking by hovering over them with the pointer to see the actual URL destination.
- Deny requests to enable Macros when opening email attachments especially when you are not expecting such an attachment. Remember that email addresses can be spoofed to look like a trusted sender.
- If you see a warning that a certificate is not trusted, do not proceed: a man-in-the-middle attack may be in progress. Do not adopt the dangerous habit of ignoring security warnings from websites presenting untrusted certificates.
- Use trusted sources, such as legitimate government websites, for up-to-date, fact-based information about COVID-19.
- Do not use the same password for your personal account and your domain account. Password reuse attacks are quite frequent and may expose you and the company to unnecessary risk.
Please note that these are general best practices and should be adapted to your organization after a thorough analysis. We recommend that organizations make sure employees understand and are prepared to face the additional security challenges of remote work if they are required to work from home during the current health emergency.
Regularly test your employees by running cyber awareness exercises and training. We highlight that it is everyone’s individual responsibility and obligation to keep all data safe, not only during periods of crisis. We recommend that employees constantly watch for potential data security threats, respond to actual or potential data security incidents, and report all suspicious emails, IMs, text messages or calls.