Self-defence for mobile workers

Flexible and mobile styles of working are on the rise. A recent survey for Regus found that over half of the workers surveyed worked outside their main office for more than 2.5 days in every week, and that only 36% of those worked exclusively from home within their out-of-office hours. New laptops and mobile devices, combined with take-up of cloud computing, are making it easier for us to work whenever and wherever we need to, all day long. This is a very good thing.

Yet this shift also has a downside. While on the company premises, we can make assumptions about the physical security of our devices. We can rely on our company's network and device security to protect sensitive company data, both in transit and at rest. All this changes while we're in the field or on the road, working remotely or working from home. While we can still expect some support from company IT resources, we also have to take some responsibility ourselves. Without our in-house IT systems to protect us, we need a crash course in self-defence. These seven pointers should get you started.

1. Watch your physical security

A laptop or device with unsecured company or customer information is a timebomb waiting to go off, with risks of causing a data breach that could be disastrous both for your company and your position. Your first mission, then, is to ensure its physical security, making sure it's not left anywhere where it could be lost or stolen, or in a public space where others may be able to tamper with it or install malware from a website or USB key. Every year laptops and smartphones containing sensitive information are left in the back of taxis, on the train or in a bar. Don't let it happen to you, and if it does, report the loss or theft immediately to your IT team so that they can take appropriate measures. Nobody likes to admit a careless mistake, but not doing so allows the consequences to snowball.

2. Check before you connect

Laptops, smartphones and other mobile devices are designed to connect to the internet from anywhere where you can get a Wi-Fi signal. Cloud-based email, messaging and line-of-business apps are designed to give you the information and capabilities you need, wherever you might be. All the same, this doesn't mean you should connect to any available Wi-Fi network no matter where it is or who provides it; there's a danger that unencrypted data streams may be monitored or captured and credentials stolen, or that other users on an open network may attempt to infiltrate your device.

If you're connecting to, say, a café or hotel network, be sure that the SSID and password match any information provided by the establishment and that you're not connecting to a hotspot set up by an unscrupulous third party, and avoid connecting to an open, unsecured network whenever possible. In fact, the best advice is to connect to the internet and particularly the office network through an IPSec or TLS Virtual Private Network (VPN), preferably one provided by your company. Ask your IT team if they have one, and make sure it's set up securely.

3. Protect data at rest and in transit

Occasionally, with the best will in the world, laptops and smartphones are lost or stolen. If the data on them is accessible and unencrypted, a breach is the likely result. What's more, any authentication or form-filling handled automatically through a client or browser could still work for unauthorised users. First, all devices should be protected by a PIN code or a complex password. Second, any company or customer data on your device needs to be encrypted, and the features to do so are built into Windows 10 and other operating systems, so there's really no excuse. That's the data at rest sorted, but what about data in transit? Again, it comes back to using secure Wi-Fi hotspots for connection and ensuring that any connections you make to company cloud services are protected by SSL or TLS. Look for the green padlock symbol in the browser address bar, though be aware that this doesn't guarantee security. Better still, use a company VPN.

4. Use stronger forms of authentication

If you use an easily-guessed password or any kind of default password for any device, you need to raise your game. Use complex passwords containing a mix of standard case letters, capitals, numbers and symbols or switch to a four or six-digit PIN. Struggling to remember a difficult password is no excuse; use a password manager app or service if you can't hold your passwords in your head.

Yet you should really consider this the baseline. Most major cloud-based services and company networks now offer two-factor authentication, combining something you know, like a PIN or password, with something you have, like a smartphone, or something that proves who you are, like a fingerprint, voice-print or face. These two-factor-authentication systems might be optional, but they're worth using to keep your device and data safe.

5. Watch your screen (and be sure nobody else can do the same)

We get so caught up with internet security that we sometimes forget about snoopers in closer proximity. We're talking about the people who stare over your shoulder when you're entering credentials, or take a sneaky peek at or even a snap of your screen while you're working on something sensitive. Some laptops, specifically key HP EliteBook laptops, now have a built-in Sure View privacy screen which prevents those to the side or looking from the wrong vertical angle from getting a clear view of your display and its contents. On devices without, you need to be aware of what you're working on, who might be able to see it, and what the consequences might be should they get a decent look.

6. Think about who you share your space with

If you're working from home, be aware of who you share your space with. Just as you wouldn't leave sensitive documents in full view of anyone who comes through the door, so you shouldn't leave work computers or accounts accessible to housemates or family members, and you certainly shouldn't share them. This doesn't mean you should be paranoid about your friends or family, but you might not always know or trust who they invite into the house, and there's always a danger of someone inadvertently installing malware or sharing something confidential.

7. Secure and update your devices

Anti-malware software, real-time protection and a regular scan are an absolute no-brainer on any Windows device, but it's surprising how many businesses don't enforce even these basic levels of active security.

Beyond that, the most important step is to ensure that any device you use has the latest updates and patches, most particularly on the operating system and the browser. Note that some laptops include additional security features. For instance, HP EliteBook models feature HP Sure Start firmware protection and firmware whitelisting, preventing unauthorised firmware from installing on the system and infecting your device at the lowest, hardest-to-detect level. It's another extra layer of security to keep you, your device, your data and your organisation safe from harm.


ITPro