How to Stay Safe When Working Remotely
Since the outbreak of Covid-19, more businesses have shifted to mobile work — with 16% of all companies worldwide becoming 100% remote. This allows people to trade their daily commute in traffic for a one-minute journey from bed to home-office chair.
It also converted the laptop lifestyle from luxury to absolute necessity, and, in what follows, increased the likelihood of corporate cyberattacks. The 2022 Alliance Virtual Offices report showed home workers are the primary target of online criminals, who increased their activity by 238%. It’s a very alarming trend, bound to grow higher as more companies incorporate blended working styles.
While your workplace should put certain precautions in place to protect valuable databases and prevent data breaches, a lot is still in your hands. Here’s what to look out for and how to keep work-from-home privacy to the highest level.
Table of Contents
Working From Home Privacy RisksPrecautionary Steps Needed To Protect Your Data During Remote Work
Looking After Your Work-From-Home Privacy Doesn’t Have to Be Difficult
FAQ
Working From Home Privacy Risks
What’s at Risk for You as an Employee?
-
⛔ Malware, particularly ransomware and viruses
- ⛔ Phishing messages, emails, and phone calls
- ⛔ Weak passwords, which let online criminals break into your accounts
- ⛔ Public or unsecure Wi-Fi networks at cafés, libraries, hotels, or more
- ⛔ Video attacks, like webcam hacking or Zoom bombing
- ⛔ Bossware, which is software your employer can install on your device and monitor everything you do
You might be familiar with most of these, aside from the new revelations in the cybersecurity space — video attacks and bossware.
Video attacks, also known as Zoom bombing, grew in popularity when work meetings moved from the office space to Zoom and other video conference platforms. The attack involves an individual or an organized group breaking into your online meeting to silently steal information or troll participants.
Bossware is an employee-tracking software installed on your work devices by around 60% of companies — often without your knowledge. It comes with a set of sophisticated trackers designed to check when and how you perform your daily tasks. How it works depends on which program your boss uses, but it generally focuses on tracking mouse movements and keyboard input, taking screenshots, and checking browsing history.
At its worst, bossware can take control over your camera and microphone, so beware your employer could be taking photos and recording your conversations. It’s legal to use, as long as it’s not violating your out-of-hours privacy.
Privacy Risks Employers Are Prone To
-
🚨 Unencrypted file-sharing between employees
- 🚨 Weak backup systems and recovery practices
- 🚨 Expanded cyberattack surfaces due to employees working on various networks
- 🚨 Use of unprotected personal devices for work-related tasks
- 🚨 Human error, which could let attackers into corporate networks
- 🚨 Insider threats, particularly from past employees who know how to access internal networks
Remote work makes it almost impossible to oversee what employees do all the time. Though you could use bossware to check your workers’ productivity, it won’t stop them from making mistakes and compromising your systems. This increases the risks your company is prone to, especially human error.
Human error is behind 95% of all cyberattacks at work, costing companies an average of over $3 million in 2020 alone. This stems from unintentional mistakes or a lack of appropriate cybersecurity knowledge, which leads to malware downloads, unencrypted file-sharing, and more.
Everyone working from different places also greatly expands the cyberattack surface, making it easier for malicious actors to break through and leak data.
Precautionary Steps Needed To Protect Your Data During Remote Work
Secure Your Work Accounts With Strong Passwords
Passwords are one of these things you may overlook when creating new accounts — yet it’s the simplest and most powerful first defense against online attacks. Cybercriminals regularly scout the web, trying to guess weak passcodes and gain entry into your accounts, devices, or even entire networks.
Using a strong password makes it a lot more difficult to break into your work accounts as it would take months (if not years) of brute forcing an entry to gain access. The best combinations must be at least 8 characters long, including special characters, numbers, plus uppercase and lowercase letters.
Considering you’re bound to have dozens of passwords for both work and personal accounts, remembering them all is an almost impossible task. A whopping 53% of people rely on their memory, causing over half of users to reuse the same combination for work and personal accounts. To increase your protection and avoid unnecessary stress, get a password manager to do the hard job for you.
Some password managers, like Sticky Password, are completely free to use. Better yet, they create extremely strong combinations for you in addition to storing your security passkeys for future use — it’s a win-win.
Enable Two-Factor Authentication
Two- or multi-factor authentication requires you to provide a separate verification method to log in. This means you receive an additional security prompt, like clicking a link sent to your email, entering a security code, or biometric verification, after you type in your password.
A 2019 Microsoft study shows multi-factor authentication makes your accounts 99.9% less likely to become compromised in an attack. It only adds a minute or two more to your usual login time too — which is a very beneficial trade-off considering the increased security.
Keep All Devices Up to Date
Software patches fix known security vulnerabilities with patches and add new protective features. These weak points could allow cyberpunks to enter your devices, so keeping up with manufacturer updates is crucial to stop them from stealing data. At the same time, new security features make it more difficult for attackers to break through protective systems, pushing them further back from a successful break-in.
Unless it’s on top of your weekly to-do list, it’s easy to forget new software updates. Luckily, device manufacturers make it easy to stay on top of it with automatic updates. It’s a setting you can enable on work and personal devices, which will regularly scan for new patches and install them for you without a problem. All you have to do is occasionally restart your computer for the updates to start working.
Verify Every Sender Before Opening Any Attachments or Links
According to CISCO’s 2021 Cybersecurity Threat Trends report, phishing emails are behind around 90% of all data breaches. The high success rate comes from the sheer amount of malicious messages sent on a daily basis as 3.4 billion emails circulate the web every day. This means you’re more than likely to receive at least one of these in your inbox as you tick off your work to-do list.
Many phishing emails look like they were sent by your employer or colleagues. This is why it’s important to always verify who sent it before you open any attachments or click on links. Reach out to the alleged senders using a different way of communication, like a phone call or a Slack message. If they confirm, you have nothing to worry about. If they don’t, delete said email and report the sender.
Create Regular Backups for Important Documents, Folders, and Systems
Accidents happen and it’s possible you could get attacked by malicious software even if you do everything right. While backing up your devices won’t actually add to your cybersecurity protection, it will make your life easier if you lose your work device — or it gets stolen. This is because you can redownload and recover all files, folders, and even the entire system onto any other device.
Cloud backups are both manual and automatic, so you can adjust the process to your liking. However, it may be difficult to regularly upload everything to the cloud, so automatic backups are the best way to always have the latest version of your work on hand.
Install an Antivirus Program
Malware comes in many shapes and sizes, making it incredibly difficult to detect. Viruses, trojans, ransomware, worms, adware, spyware, and more hide in nooks and crannies of the online space, waiting to attack when you least expect it.
Very often you may not even know the file you’re downloading or a website you’re visiting is, in fact, malicious. It would be impossible for you to detect on your own, unless you’re a senior cybersecurity specialist. This is why you need antivirus software as a primary source of protection.
An antivirus scans all of your downloads and any websites you visit. Then, it immediately shows you whether it’s safe to open or not. Very often, an antivirus also blocks dodgy sites if you try to view them and removes malicious files from the system.
While you can choose from many antivirus software, not all of them offer great affordable services. PIA’s Antivirus is 100% privacy-first software, which means it protects you against all types of malware without tracking or logging your internet use. It also offers 24/7 malware scans, a DNS-based ad-blocker, and a prevention engine — eliminating any zero-day vulnerabilities from new software updates.
Disable On-Screen Notifications and Minimize Tabs When Sharing Your Screen
This one isn’t as much about protecting your data online, but making sure you’re not revealing personal information at work. In the work-from-home era, you’re bound to do some sort of presentation on a video call, which requires you to share your screen with everyone. Sounds simple in theory — until you realize your colleagues and employers can see all of your tabs and notifications.
This isn’t much of an issue if you use your browser purely for work purposes. However, if you work on personal computers, you should block notifications and close all the tabs before presenting. Ideally, do all non-work-related browsing, like writing resumes, in a completely different incognito window. That way you won’t risk uncomfortable chats with your boss about why you’re looking for new positions at competitors.
Enable Web Filtering on Your Default Browser
Websites without the HTTPS code can carry malicious code which infects your devices with trackers or malware. Web filters allow you to block specific content or even entire websites to protect you from cybersecurity mishaps on work devices. You can also use it to restrict posting on social media, so you won’t accidentally share any work-related information while you scroll through your home page.
Most devices have web filtering services within their settings, making it easy to set up as you sip your morning coffee. You can usually find them under “Parental Controls” — but don’t be discouraged by the name. These filters work just as well at helping you avoid cybersecurity mistakes as protecting children from inappropriate content.
Turn On Internet Firewalls at Home
Firewalls add to your protection as they monitor incoming traffic and limit what can pass through into your network. Imagine a firewall as a bouncer at the entry into your network. He IDs every request, lets in legitimate traffic, and blocks anything remotely malicious. They do so based on pre-conditioned settings you can set up yourself or your work sets up for you.
Enabling firewalls can be a long-winded and tricky process, so reach out to your IT department if you need assistance. They may not always be able to help you out with your home network, but they could put firewalls on your work devices.
Use Separate Devices for Work and Personal Purposes
Using a personal computer for work is convenient and delegates the cost of having to buy a new one. However, this practice puts you and your employer at risk.
Chances are, if you work from home you have other people accessing your personal devices, like your children, siblings, or spouses. This greatly increases the chances of anyone making a mistake and compromising the security of said devices. Whether it’s phishing, torrenting, streaming, playing online games, or even an unaware child bashing the keyboard, anything could expose confidential work data.
It’s best to have a separate work device you keep away from anyone at home. Sometimes you can request one from your employer, but if they deny your request buying one second-hand works too. You can find many options on Facebook Marketplace, eBay, and other online e-commerce sites.
Connect to a VPN
VPNs make it impossible for cybercriminals to break into your devices. When you connect to a VPN, you tell your traffic to go through a tightly encrypted tunnel before reaching its destination. This changes your IP address to a random location of your choice and makes sure all of the data you send stays hidden from the world.
This protection is a must if you’re working on public Wi-Fi as it hides everything you do online from malicious actors waiting to break into your device. It’ll also stop online trackers — and bossware — from keeping tabs on what you do throughout your day.
PIA VPN uses top-grade military encryption, so you can rest assured your data stays safe to the same extent as top-secret government information. It’s unbreakable. On top of that, we also have leak protection and a kill switch which disables your internet connection whenever it detects a weak Wi-Fi moment.
Purchase a Webcam Cover
Remote work often means participating in video conferences multiple times a day. However, your webcam doesn’t always remain offline when you hang up on your colleagues at the end of the day. Cyberbullies can easily take control of the little glass eye in your laptop and spy on you. And sometimes even steal vulnerable information you keep on your desk.
If you don’t use a built-in webcam, simply unplug the external one from your device when you’re finished. But if your cam is permanently welded into your device, like a laptop or phone, you should invest in a cover.
A webcam cover is an inexpensive small slider you stick over your camera. When you need to use it, simply slide the webcam open. When you’re done, slide it back into position. It’s so simple, but it takes your privacy to a whole new level.
Be Vigilant During Zoom and Other Video Meetings
So-called Zoom bombing became a thing back in 2020 and grew in popularity over time. The practice involves unauthorized users gaining access to your work or personal video conferences and then harassing everyone involved. It’s mostly a malicious practice aimed to cause emotional distress, but the worry is people could silently spy on your meetings and collect vulnerable information.
You can prevent Zoom bombing by making sure every meeting you attend or host is set to private and protected by a password. Though the name of the attack refers directly to Zoom, it can happen on any platform — so make sure to choose providers only with end-to-end encryption. Always watch out for any user who looks suspicious in the call and flag it with the appropriate departments. And don’t forget that webcam slider!
When In Doubt, Reach Out to Your IT Department
Unless it’s in your job description, it’s not your responsibility to know the ins and outs of cybersecurity. If you ever find yourself not knowing what to do, reach out to the IT experts at your work. The IT department can help you tighten your security settings, install an antivirus program, enable firewalls, connect to a VPN, and much more.
You should also report anything unusual to your company. Since you work remotely, they can’t always see what you’re doing, so they may not be aware of the risks you’re exposed to. Keep them up to date on any security alerts, notifications, and phishing messages you receive.
How PIA Improves Your Online Privacy
At PIA VPN, your online security is our top priority — for both remote work and your personal internet downtime. This is why we equipped our servers with the best protection available on the market.
At the core of our service, we apply military-grade 256-bit VPN encryption to every connection to wrap your traffic in unbreakable code. This ensures no one can peek at your data, even if you use public Wi-Fi to work in a café or library.
Additionally, PIA comes equipped with an advanced Kill Switch. When enabled, the feature turns off your internet connection if the network you’re using becomes unstable, which is common on public Wi-Fi. Without a Kill Switch, patchy internet could leak any data you send and receive, leaving it up for grabs for cybercriminals.
VPN protection wouldn’t mean much if the service itself had access to your search and browsing history. PIA follows a very strict No Logs policy. This means we never check or record your search history. Our policy also underwent an independent audit, which found we store no identifying user data on our servers.
Better yet, you can work remotely and increase your cybersecurity with PIA.
Looking After Your Work-From-Home Privacy Doesn’t Have to Be Difficult
As companies shift to full or partial remote work, cybersecurity has become a hot topic for both staff and employers. Phishing, malware, scammers, and data thieves are on a constant lookout for system and network vulnerabilities to break into your devices. This, in turn, could compromise not only your own personal information but also valuable business data, costing your company millions of dollars.
Private Internet Access is a simple and effective way to protect your digital work life from cybercrime and unwarranted monitoring. Our military-grade encryption secures your data during online working hours and hides it from prying eyes. At the same time, our proprietary MACE ad-blocker stops ads, trackers, and malware from sliding into your network.
Connect to PIA and keep your business private.
FAQ
It can. Remote work significantly increases an “attack surface” and increases the chances of corporate data privacy threats. This pushes you as an employee and your employer to put greater thought into enforcing appropriate security measures to avoid letting intruders into the company’s network.
The main threats lurking in the corners of the internet are ransomware, phishing, and data theft. If you know how to recognize them and protect against them, you’re already halfway to being safe. The other half though has to be put in from your workplace.
Yes, employers can spy on you using bossware. The software tracks mouse movements, saves browsing history, records your screen, takes screenshots, and even turns on the camera and microphone on your device. Though it doesn’t sound like it, it’s legal to use — but it still violates your privacy.
You can use a VPN to stop bossware in its tracks, though. PIA uses top VPN encryption to hide your information, so companies can’t see what you use your computer or phone for. Best of all, you can download PIA and protect your data privacy when working remotely.
The best thing you can do to protect your privacy when working from home is to download a VPN and an antivirus. It’ll give you all-around internet security as it’ll hide your online data and make sure no malware sneaks through into your system.
You should also expand your cybersecurity knowledge, especially when it comes to phishing. It’s worth asking your employer if they would be willing to provide dedicated training at work. If not though, you can still find plenty of free resources, such as Udemy or Codecademy.
Yes! A VPN encryption hides what you use the internet for and changes your IP address, so no one can use your geolocation to find out where you are. This stops cookies and trackers from personalizing your adverts or sending you marketing emails.
PIA VPN also offers its users a dedicated IP address. Using it means you’ll run into fewer CAPTCHAs and security warnings or account restrictions since your IP address isn’t constantly changing. It adds an extra layer of security too since even we don’t know which combination you’re using, giving you top privacy.
