Feeling secure with your IT? 

Staying safe at home is still the order of the day, and as we have become physically isolated, we have become more digitally connected – to our workplaces, our data and each-other. This is undoubtedly a good thing in terms of keeping everything going, from personal relationships through to critical projects and day-to-day business, with some damage avoidance already done for those businesses with strong work-from-home or cloud-based elements to their processes. As we become more physically separate however, the number of security flaws begins to increase. With a physically disparate workforce, or a family where home visits are impossible, it is hard to ensure that everyone’s cyber security is up to a good, or even sufficient standard. 

As we come into the 8th week of lockdown, it’s a fact that there are now more cyber threats than when we entered, and for small businesses or families that don’t have a particularly rigorous approach to IT security this means that the threat of data theft or security breach is very real. As we are a Cyber Essentials accredited body, and we want everyone to be as safe as they can be right now, here are some top tips to getting yourself secured at home, from the team at Pearce IT. 

Protect devices with Antivirus software. 

We’ve all heard that Mac’s don’t get viruses (False) or that Windows Defender is the best AV solution out there (False), but in reality If you don’t run an AV solution, then you’re not really taking your security seriously. AV software now includes features such as real-time scanning for websites, as well as any files that you open or applications you run or download. We recommend ESET Internet Security as it has a fantastic range of features to secure your device from external threats. 

Update everything 

Cyber-criminals work very hard to exploit vulnerabilities in operating systems and software. They realise that people’s willingness to run outdated software is their quickest route into your device. Similarly, application and OS developers work even harder to ensure that the latest versions of programs have these vulnerabilities patched. It’s vital to update the OS and all critical software installed on any device that you use at home, especially if it’s currently being used for work. 

Secure your WiFi 

Protecting your devices will be of little help if an attacker connects to your Wi-Fi or takes up residence inside your router. Anyone who does that can intercept data, passwords, remote-access sessions, or work e-mail. You must lock your network down. 

Make sure that the WiFi access to your router is encrypted. If your Wi-Fi asks for a password, the connection is encrypted, but there is more than one method of encryption, and really you should be using WPA2. You can use the router settings to change the type of encryption — and your WiFi password while you are at it (remember to use a strong password) to make sure nobody that already has your credentials can continue to connect.  

While you’re there, change your default admin login and password to access your router settings. The default passwords for many routers are very weak leading to them being cracked, but many are also published on the web. System administrators and IT support personnel look these up all the time. These are often simply written into malware code — if they work, your router is captured. Intruders can check open devices on your network for files or spy on you. Remember - everything you do online passes through your router. We supply Draytek routers, which have great encryption and security options. 

Use a VPN if connecting to open or strange Wi-Fi networks 

If for some reason you are connected to someone else’s WiFi, or as an essential worker you are unavoidably on the move, then you should use a Virtual Private Network, or VPN. This encrypts the connection between your device and your target network, and between your device and the router you are currently connected to, so anyone else monitoring the connection will not be able to read it. 

Lock your device 

You should have password protection enabled on every device you use. It can still be stolen. Even if you’re working at home and outsiders can’t get to your devices, if you’re about to leave the device or the room, lock the screen. You probably don’t want your child to accidentally send a gibberish text to a customer, or your cat to wander across the keyboard and send half an email to the company directors.  

Make sure you use secure services 

You most likely have a set of IT services that you use for work, such as Microsoft Office 365. If you or your employees are using such a service, make sure that it is THE ONLY service that you or they use for storing or exchanging company data. Personal Google Drives and the like can send anonymised links that can potentially be picked up by search engines, so make sure everyone is set up correctly and using reliable and secure cloud storage and sharing apps. We recommend using Microsoft Office 365 which allows secure cloud storage using OneDrive and SharePoint, and messaging, videoconferencing and sharing via Teams. We can even ensure these services are backed up. 

Be vigilant 

Phishing mails can be highly convincing, and spoofing attacks can send mails which appear to originate from within your organisation, from a customer or a loved one. Sometimes, these can bypass even the most sophisticated SPAM and email filtering services. As the amount of digital communications has increased sharply with teleworking, so you should read all messages carefully and don’t rush to reply. If someone urgently needs an important data or a demand for payment of an invoice, double-check the sender is who they claim to be. Call the other party for clarification if needed. Check links on documents especially; best to check them by hovering your mouse over them first. If it’s a random URL, then best to ignore it. If a link takes you to sign-in page for any service, be VERY suspicious indeed. It is always better to get clarification on links and linked files from someone else or the supposed sender. 

Be comfortable 

Finally, don’t neglect your wellbeing. Lounging around on the sofa might seem like a great idea whilst working on the laptop, but you’ll end up being uncomfortable in the long run, Find yourself a desk and a comfortable chair, preferably in a well-lit room to your productivity and concentration levels high, don’t forget to periodically stretch  your legs, drink water, and don’t skip meals. When our concentration levels are low, that is when we are most vulnerable.