Your Home office cyber defense

Written by sabri.khessibi in Home office technology

It is necessary to ensure that your home office is cyber-secure as confidential information of yourself and your clients can get into the hands of criminals. Your home office is  prone to be targeted by hackers and online fraudsters as they usually perceive home office networks as easy targets. Unlike a company where they have an IT department to handle cyber security, here it is all up to you. Setting up your home cyber defense can seem to be a daunting task. But if you know the basics of cyber defense, you can easily set up strong and smart cyber defense mechanisms.

How to setup a proper Home Office cyber defense? The key aspects to focus on are preventing unsafe practices, ensuring proper data protection, ensuring network safety and putting in place adequate device protection.

This article will help you understand the basics of how to protect your home office and make it cyber secure, so read below for the steps we use and encourage you to use as well.

Some of the cyber-threats that you may face are as follows:

  • Credential theft. You may have been aware of the term ‘phishing’. In the past few years it has turned out to be a real menace. It is a way to steal people’s identities and important information to commit fraud as well as financial theft. One way this is done is through a DNS changer attack The DNS changer is a script that changes the DNS of your computer and it changed to the server that a hacker controls… Usually normal phishing attack affects the settings on your router which makes all the gadgets attached to the router vulnerable to attack. The hacker steals the credentials and tries it on banking accounts or other services. One way the risk is high is when you have the same password for all services online.
  • Ransomware. Ransomware is where the hacker captures your data and encrypts it. You will be given access only by paying a ransom. This is highly prevalent crime and thousands of businesses are affected by it every month.
  • Tech support scams. Here you may get a message or a pop up say that your system has a problem and to call a number. They usually ask for remote access through team viewer or any such remote access software and then take control of your computer.
  • Breach entry point. If you are working remotely most of the time then you may be putting your company at risk. You may be using your company credentials from multiple locations to login to the company network. Using different systems and accessing the company from various points will leave it vulnerable to external attacks 

Let us look at some common ways in which your home office becomes vulnerable to attacks:

  1. Unsafe practices
    • Online practices make your home office very vulnerable. This includes clicking on unknown links, giving personal information online, using same passwords and lack of caution in logging off of services and accounts while using public networks.
    • Using default passwords is among all these the greatest insecure practice. Also, if you use the same password for everything then hackers can easily access all the services. 
    • Another problem is not updating the OS regularly. If you are like me, you will usually ignore the OS update messages and leave it for later. It never gets updated and leaves the system open to attackers.
    • Not backing up data is another bad practice. In case your system is hacked will your data be accessible elsewhere? Having multiple and frequent backups is a great practice that home office workers can start.
    • Not changing the router password frequently will make the router vulnerable to attack.
    • Another issue is the lack of a proper security software that will ward off most the threats and make networks difficult to penetrate.
  2. Compromised Networks
    • If you network passwords and admin logins are not changed frequently the router and network will be compromised
    • If you have remote management enabled that means that your can manage the router from outside and this in turn will also leave it accessible for other people outside your home network. Access to your router remotely will compromise all data any devices associated with the home network.
    • If you have open ports it will allow connections to be made inside of your subnet to outside access. This can also be a way inside your network.
    • Your having out-of-date firmware can be a threat, as they contain the latest patches and security fixes. This will prevent hackers who can hack the software that have known vulnerabilities. Updating on time will ensure you have the latest software with the fixes which addresses these previous vulnerabilities, blocking out potential threats.
  3. Through your devices
    • Here again the default account passwords are a problems and have to be changed frequently
    • It is important to limit the ways to access your devices, as more entry points there are the more vulnerable the device is to external attack.
    • Firmware of the device need to be updated frequently so that the known vulnerabilities of the older

So now what can you do to ensure proper protection for your home office?

Here are a few things you can do:

Protect your router 

  • If your router does not have a password set please set one immediately! Even though it may seem to be more convenient to have no password, the router is left open to access to anyone who wishes to do so
  • The second step is to change the admin password at least every 4 months. This will ensure that access is renewed and any breaches can be automatically plugged
  • The next step is to update the firmware of the router regularly whenever the update prompt shows up. This will ensure that old vulnerabilities are no longer relevant for hackers to exploit
  • Remove remote access from the router

 Protect your computer

  • Keep your OS updated automatically as it will happen regularly and need not be dependent on your memory
  • Install a good anti-virus so that you have adequate threat protection
  • Turn off Wi Fi Sharing so that your credentials are not shared with anyone

Hack-Proof your smart devices

  • ALL your smart devices need to have admin passwords changed frequently
  • Try no to connect the smart devices to other devices so that you can move it to the guest network so that if compromised the entire network is not compromised
  • Update the devices whenever the latest fix is suggested by the company

 Protect your data

  • Do regular back up
  • Have backups in multiple places for ex. A cloud back-up plus manual back-up.
  • Automate your backups so that even if you are lazy someday, the back-up still happens on time
  • Check the sender ids of your emails and be cautious about phishing emails. The links that come to your email needs to be double checked before you click it. Even then the link can seemingly authentic and get information from you.
  • A good way to prepare yourself is to get anti phishing training to learn how to defend yourself from any cyber attack.
  • Do not mix work devices and personal devices as this may compromise your network (assuming your work network is less secure).
  • Protect your files and folders through requiring passwords to access them and encrypting devices and proper backups
  • Install multi factor authentication to protect the core and most important data. This means that rather than just a password you also have additional steps to log in such as a temporary code to your phone number or activation sent to your email. 
  • Have a data breach plan- In case you have a data breach where will you access back ups ? how will you back up? How will you communicate about the breach to customers? What actions will you take to re-secure your data?

If you work from home a lot or at coffee shops or libraries or airports where you access the public wifis you need to be careful as they are often not secure. If you are using such a wifi password then send and receive information from encrypted websites which has the ‘https’ in the url.

How to protect yourself from scammers

These are the most common scams targeted at small business or home office workers as well.

  • Usually they tell you that something is wrong and you need to download something
  • Or you cannot access some software or website and you may be asked to click on the links that will show you how to access your information
  • You may be asked to fill up a form and then they call you to ask for remote access. They may also ask you to buy a software which actually will install a virus in your computer.
  • If someone calls you offering tech support or you have a pop up asking you to call a number then do not follow their instructions.
  • If someone asks you to pay for services with a gift card or wire transfer do not proceed: hang up!
  • In case you do have a technical problem call the company that made the software and have them offer you solutions.

A note about passwords: One of the best ways to defend yourself is to get a password manager so that you can have a variety of passwords and change them frequently. The password manager also generates strong passwords for you and you can save hundreds of passwords without taxing your memory. This will help you protect yourself from one of the most common security threats.

Related questions

How to surf safely online: Use a good anti-virus. Your password must be complex with special characters, lower case and upper-case letters. Confirm the site’s security (https vs. http). Be selective with whom you share your info: only government’s or financial institution’s secured sites. Use a credit card with a low limit for online payments…

What expenses can I deduct for my home business? You can write off everything you spent for your home office and your business: office supplies, furniture, laptop, Internet access, printer… Very important: have a business reason for the expense and keep good record. Ideally, you have a separate business account and credit card: that comes very handy during tax time to show what was purchased.

Recent Content