Working from home? Secure your home network

By Anthony Green
Jun 10, 2020
Photo credit: Heiko119/iStock/Getty Images

Listen to our podcast episode with this article's author, Anthony Green. Part of our Coffee Chats with CPABC podcast series.

Although offices and workplaces are looking to reopen, as we emerge from the COVID-19 pandemic, many of us will likely continue to work from home on at least a partial basis for the foreseeable future. Therefore, it’s important to be aware of the basic cybersecurity measures we should have in place to protect both our personal and workplace data.

From protecting our computers and other devices from viruses and hackers, to using cloud services and Wi-Fi securely, we’ll walk you through our tips on home cybersecurity.

Protect your computer with anti-malware

Anti-malware is an anti-virus software designed to protect your computer from viruses that can harm your computer or gain access to personal information. Some anti-malware is free and some are only available through purchase, as they can include added-on features such as parental web filtering, and usage on multiple devices. Since having anti-malware installed on your computer is extremely important, even if you have to pay, it’s well worth the investment. Popular anti-malware includes Sophos Home and Norton.

Turn on automatic updates

As intrusive as updates to multiple software on your computer can be, there are important reasons for these updates. First of all, they fix internal bugs that can prevent your programs from working. Secondly, updates are often released to combat hackers trying to infiltrate your device with viruses and other security threats.

It’s recommended that you turn on auto updates whenever possible. Although software updates can feel cumbersome, especially if they require you to restart your computer, they will save you a lot of time and trouble in the long-run from not having to deal with malware. The same practice should apply to your smart phone and other mobile devices as well.

Always work within your corporate VPN

When you worked on your computer at your office, you were likely using a private internet network that your workplace set up to keep information contained within your organization. A virtual private network (VPN) extends this network to whatever location you are working from. Think of a VPN as a direct virtual tunnel to your office’s network. No one outside the VPN network can gain access to information within.

Information within VPNs is also encrypted, meaning it’s scrambled into a complicated code that can only be deciphered by devices within the VPN. So if data within the VPN were to somehow get intercepted by an outside party, it would not be able to decipher the encrypted information.

Related articles

Passwords and multi-factor authentication

Strong, unique passwords and multi-factor authentication are important keys to cybersecurity.

When it comes to passwords, it can be tempting to use the same ones over multiple platforms. Since many sites have several requirements for passwords, such as using special symbols, capital letters, and numbers, it can be a pain to have to create new passwords each time. However, the danger in reusing a password is that if a hacker gains access to it, they can use the stolen password to access other accounts.

To help you keep track of your passwords, try using a password manager app. These apps will store your passwords for you so that you don’t have to write them down or save them across different digital locations. Popular password manager apps include Dashlane and Keeper.

Multi-factor authentication is when a site requires you to confirm your identification in at least two different steps. The first step to logging in is typically having you provide your username/email and a password or PIN number. The next step in authentication can vary, such as the system sending you an automated text message or calling you with a unique verification code – this is commonly known as identification-verification.

Another method of identification-verification is when a system requires you to enter a one-time generated code from an app on your phone. If your workplace is using this method, your IT person will likely have set you up with a one-time code generator app your organization has connected to its VPN network.

You can strengthen your cybersecurity by taking these extra precautions. If you are a small business owner, or in a position within your organization where you oversee cybersecurity, it’s strongly recommended that you implement multi-factor authentication within your VPN network.

Don’t download sensitive data onto your local device.

Hackers can sneak into your system via a number of ways, including infiltrating your Wi-Fi network. It’s critical that you do not download any sensitive data to your physical computer, as you will risk having that data exposed to hackers should they gain access to your computer system.

Remember to instead make sure you only download sensitive data while working within your VPN network. As mentioned, anything you download is encrypted and saved within the system – as opposed to being saved to your physical computer.

If you are using the Outlook Web App on your computer, you are still outside the VPN. In other words, you should also avoid downloading any attachments that contain private company information, such as invoices and tax documents, from the Outlook Web App. Likewise, if you are checking your work emails on your mobile device, you should avoid downloading attachments, as attachments will be saved directly to your phone and could possibly be exposed to hackers.

Avoid exchanging sensitive information by email – it’s not secure.

Although many people may be used to sending files by email, this isn’t the most secure method of transferring files. Since email systems are overseen by external parties (i.e. Google for Gmail, Windows for Outlook), there’s no guaranteeing who may intercept your data.

One solution is to password protect confidential documents if you must email them. If you do this, choose a different medium to communicate the password to your recipient. For example, you might text message or call your recipient to notify them of the password.

A more secure method for sharing sensitive documents is to use a cloud-based file-sharing service. Cloud computing is using a network of remote servers hosted on the Internet to store, manage, and process data.

Selecting the right cloud service provider for your needs can be challenging. There are many cloud service providers to choose from, but for any CPAs working with clients, it is critical to keep client information secure. When searching for an online solution in Canada, you have a responsibility to safeguard information in their care and control. Use our article on how to securely share files remotely as a starting guide.

Protect your computer with a firewall

A built-in firewall is an application on your computer which limits the types of network connections entering your computer, thereby helping to prevent cyberattacks.

One tip when it comes to configuring your firewall is to make sure you change all default passwords and properly manage who the administrators are. Here is some additional information on configuring firewalls.

Wi-Fi security

Always avoid using public Wi-Fi, as there’s no telling whose hands the information exchanged within these networks could fall into. When using your Wi-Fi at home, ensure you have the strongest encryption possible. This will likely be a Wi-Fi Protected Access 2 (WPA2) network. To ensure security, it’s recommended that you change your Wi-Fi network’s name from the default. This is because if you don’t change the name, it will be obvious who your Wi-Fi network’s manufacturer is; and if a malicious attacker knows the vulnerabilities of that manufacturer, they may be able to exploit them.

However, when you choose a personalized name for your Wi-Fi network, refrain from choosing a name that makes it obvious that the router belongs to you. This could make it easier for a cybercriminal to zero in on your Wi-Fi network if they are trying to hack your information.

You may also want to split your Wi-Fi network into two different networks – one for your guests, and the other for you to ensure confidentiality of your work data. Here’s some information on how this can be done. Note that Wi-Fi networks can also be referred to as service set identifiers (SSID).

Interested in learning more? For workplaces looking to raise their cybersecurity level, CyberSecure Canada is a cyber-certification program developed from the baseline security controls identified by the Canadian Centre for Cyber Security. This program is ideal for small and medium-size businesses (SMBs) and organizations with less than 500 employees.

DISCLAIMER: Certain links on this article take you to other websites, resources or tools maintained by third parties over whom CPABC has no control. CPABC provides these links only as a convenience and is not responsible for the contents of any linked website. CPABC makes no representations or warranties regarding, and does not endorse, any linked website, the contents thereof, the information appearing thereon or any of the products or services described thereon. Links do not imply that CPABC sponsors, endorses or is affiliated or associated with the entity that owns or is responsible for any linked website. If you decide to visit any linked websites, you will do so at your own risk. CPABC bears no responsibility whatsoever for the content, accuracy or security of any websites that are linked (by way of hyperlink or otherwise).

Anthony Green is a security engineer for the Chartered Professional Accountants of BC

More information and resources on COVID-19 can be found in our resource centre.