HP TECH TAKES /...
Exploring today's technology for tomorrow's possibilities
Subscribe
How to Work Remotely and Securely
Kaelee Nelson
|
September 10, 2018
Freedom and convenience are just a few benefits of working remotely.
Whether you need to finish your to-do list at home or answer an urgent email while traveling, business professionals must be capable of working on-the-go.
Yet while remote work is sometimes essential, it poses major threats to network security, leaving a wealth of sensitive information vulnerable to opportunistic cybercriminals.
Both individual entrepreneurs and large enterprises alike should learn how to set up a VPN and employ additional security measures to protect and secure their data.
Here’s how.
The dangers of phishing email
Phishing is all about deception.
It usually happens in the form of email which appears to come from a trustworthy source, but is actually a fraudulent attempt to “bait” the user into giving up privileged information.
They might be after you or your clients’ personal information, such as passwords or bank accounts, or they might be phishing for your company’s proprietary data. Either way, the consequences could be devastating, ranging from massive breaches to individual identity theft.
Even though this is one of the simplest types of cyber attacks, it’s also the most effective. Data from the Identity Theft Resource Center and CyberScout reported 1,579 successful data breaches in 2017 [1]. That eye-raising number is almost a massive 45% uptick from the year before, illustrating that the issue of phishing and cyber threats is continuously on the rise.
Users are getting smarter, but so too are cybercriminals with new and unique strategies that seem impossible to keep up with - especially since they go undetected by antivirus software.
Unfortunately, phishing scams are just one type of cyber attack you need to be cautious of.
Additional cyber security threats
Phishing can happen both on- and off-site, but there are additional cyberattacks more targeted at remote work performed on personal computers with fewer security features.
- Pharming: Sometimes known as “phishing without a lure”, hackers install code to redirect traffic to a fake, malicious site without the user’s knowledge or consent.
- Malware: An umbrella term for harmful viruses, worms, and Trojans, malware software typical steals data or destroys computer code.
- Denial of Service (DOS): A DOS attack threatens network security by sending huge volumes of connection requests until the network becomes overwhelmed and unable to function.
- Password Attacks: Without a strong enough password, cybercriminals could crack your password and gain access to your private accounts.
- Man-in-the-Middle (MitM): In this scam, a hacker disrupts network security by inserting themselves between the user’s communication and the server.
- Malvertising: Be wary of “mal” advertising, or infected ads which, when clicked on, install malicious code onto your device.
- Rogue hotspots: Disguised by a name similar to legitimate WiFi, connecting to a rogue server allows hackers to intercept information and inject malware to connected devices.
These scams only scratch the surface of the different ways you could fall victim to cyber crime. Additional threats like WiFi spoofing, Firesheep, and Honeypot attacks help explain why hackers love public WiFi and why unsecured remote work over the Internet can be so dangerous.
Unsuspecting users fall victim at coffee shops, hotels, and airports. Even the 2018 World Cup attendees were warned against the possible cyber crimes at hand [2].
Unsecured networks are so risky that the Norton® security software company reported that 60% of consumers are more afraid of using public WiFi than using a public restroom [3]. Yikes.
Fortunately, there are several measures you can take to protect your company, your job, and yourself, whether you’re a large corporation, global enterprise, small business owner, or average Joe.
Learn these essential strategies to safeguard your sensitive information and get more peace of mind over remote work and personal online activity.
What is a VPN?
When you perform remote work on an unsecured, public WiFi network, essentially anyone with the right motivation and know-how can “read” whatever information you input. This could include confidential emails, privileged documents, proprietary data, client databases, personal financial information, and much, much more.
Any and all information worth protecting is worth learning how to set up a VPN - even if you’re just shopping on an eCommerce site [4].
A VPN (Virtual Private Network) is a collection of discrete servers networked together via links through a public server. They offer network security by exchanging your trusted keys with a remote data center on a far away network. Traffic appears to come from the VPN’s server, meaning your actual IP (Internet Protocol) address remains hidden to anyone attempting to access it.
VPNs enable business professionals to safely perform remote work by accessing a company’s network resources or documents while being physically off the LAN (Local Access Network).
You can also set up a VPN as a method to encrypt private emails and confidential information whenever you’re communicating over an untrusted public network.
The bottom line: setting up a VPN ensures any information you send or receive stays hidden from potentially prying eyes.
How to set up a VPN
To set up a VPN, you first need to choose a VPN service provider. Make sure you choose one that you can trust in terms of pricing and security. They should also enable at least five devices to connect at once.
After you choose a provider to set up a VPN, you (and your employees, if applicable) will be required to download the company’s app or software. Note that in some cases, you can avoid installation by configuring your device to connect directly to the VPN - a good option for those worried about surveillance within app ecosystems [5].
Launch the application, enter your established login credentials, and follow any instructional prompts to connect to the server.
Once you’re logged in, you’re good to go. Your identity, communication, and privately accessed files will be securely tunneled through the VPN network during your remote work.
It’s important to note the limitations of setting up a VPN. Although they provide essential network security, determined hackers can nonetheless steal information using other malicious strategies.
How to create a safe password
The recent Adobe password breach affected 38 million users, illustrating what a serious threat this cyber attack poses [6].
There are three common methods to a password attack that a hacker might attempt in order to infiltrate network security and gain access to sensitive information.
1. Brute Force: generating a list of potential passwords (by systematically searching large keystrokes) via a computer program or script
2. Dictionary: cycling through common words or phrases which are most likely to succeed
3. Key Logger: tracking a user’s every keystroke through malware installed on the device
In order to protect against various password attacks, whether you work remotely or onsite, learning how to create a safe password is essential.
The previous train of thought encouraged users to choose a favorite phrase and intersperse it with a few characters and letters. For example: P4$$w0rd. These may be difficult for the human eye to process, but they’re still easy for robot computers to guess.
Passwords consisting of 20+ random characters are your safest bet, but these are difficult to manage and remember.
To create a safe password you can actually recall, IT experts recommend these tips [7]:
- Make your passwords long. Computer programs run through databases of likely combinations; a longer password with 12+ characters will be harder to hack
- Avoid predictable phrases. Don’t make a password out of names, places, significant dates, or common dictionary terms
- Use different passwords. Switch up login credentials across various platforms so that if one is compromised, the others remain safe
Security expert Bruce Schneier suggests taking a sentence and turning it into a password [8]. For example: Ltime@go-inag~faaa! = Long time ago in a galaxy not far away at all.
You should also consider adding an extra layer of network security with a two-step, multi-factor authentication method. If you need help remembering your various login information, a password manager can be very helpful.
Remember, a password attack can occur with even the most advanced network security. If you’re unsure if your password is safe enough, test its strength on sites like How Secure Is My Password.
How to send encrypted emails
Encrypted emails convert data into cipher code in order to defend against unauthorized access to private information.
Imagine an encrypted email as if it were written with special blue light ink, containing a message only legible to the select few who have the proper light to make the words appear.
Encryption defends against hackers, but it also protects private information on vulnerable devices that could be potentially misplaced or stolen.
Learning how to encrypt emails will require you to research the security configurations on whichever platform you use (Outlook™, Gmail™, iOS™, etc.) and make the necessary setting changes [9]. You won’t need to have a degree in cryptography, but you will need to be a bit tech savvy.
You can also use tools such as Virtu®, ProtonMail®, and Signal® to send encrypted emails if you need help ciphering communication while working remotely.
How to set up a firewall
Firewalls protect network security by monitoring, allowing, and blocking traffic based on a defined set of security parameters. They’re used to establish a barrier between an untrusted external network (i.e. the Internet) and a secure internal network.
Without a firewall set up, hackers, keyloggers, and Trojan viruses can attack through unpatched security holes.
If you’re using a Windows™ operating system during remote work, you’ll need to use the Windows Management Instrumentation (WMI) to adjust your firewall’s security settings.
You can also set up a firewall using your router’s hardware if it’s not already installed out of the box. The Gibson Research site lets you check your router’s network security by using their ShieldsUp tool.
How to protect your personal information
Phishing and cyber attacks aren’t exclusive to business executives.
Personal laptop and PC users are equally vulnerable to being hacked, so learning how to set up a VPN, create a strong password, encrypt communication, and build a firewall is worth everyone’s while.
Whether or not you learn how to set up a VPN on your personal computer, you should always be wary of what links you follow, files you download, and sensitive information you provide.
If you’re not diligent, you could give con artists your bank account number, Social Security number, or access to personal records, leading to a whirlwind of trouble.
What laptop is best for working remotely?
Good, old common sense will go a long way in terms of remote work and network security. Avoid clicking untrustworthy links, always use your VPN, and never share your password.
Set yourself up for safe success by using the best laptop for remote work. Many HP laptops, like the HP EliteBook 800 series, come loaded with advanced security features to give you increased confidence.
HP Sure Start, Sure Run, and Sure Recover work together to encrypt data, manage applications, and detect viruses. You’ll also benefit from a number of proven productivity features that help streamline your remote work while ensuring its protection.
Using the best laptop for remote work, taking advantage of the available security features, setting up a VPN, and diligently following proper security protocols will prevent sensitive information from winding up in the wrong hands.
Start making necessary laptop security upgrades before you’re blindsided by a breach.
[1] The Identity Theft Resource Center; 2017 Annual Data Breach Year-End Review
[3] Norton; Why Hackers Love Public WiFi
[4] Financial TImes; Cyber Attacks Bought ‘as easily as online shopping’
[5] Cracked Labs; Corporate Surveillance in Everyday Life
[6] Krebs on Security; Adobe Breach Impacted at Least 38 Million Users
[7] Connect Safety.org; Tips for Strong, Secure Passwords & Other Authentication Tools
[8] Bruce Schneier; Choosing Secure Passwords
[9] Comparitech.com; How to Encrypt Email
Related content you might enjoy:
- How to make working from home more secure (HP Garage)
