Updated: Jan 10
In these unprecedented times when we are all in lockdown, many of us will be working from home either from necessity or simply just because we can. There has been a huge shift in businesses in 2020 to increase the capability of employee working from home, even when not in Lockdown. Businesses can make significant saving on squared footage of office space, power and heating overheads as well as possible better productivity from employees.
With today’s technologies most of us do not consider the mechanics of getting on-line and working from home. What is often overlooked is the security of our systems and home networks. Many people simply don’t bother about a decent antivirus or Internet security program, often relying on a free downloaded program or nothing at all. Home networks are, by default, not as secure as a corporate network where working practises and environments are managed, monitored, and updated.
So what can we do to our home computers and networks to reduce the vulnerability?
Here is our guide on what measures you can put in place to make your on-line experience a safer one !
Secure your Internet connection using a VPN. A secure tunnel between point A to point B which does not send clear text data and cannot be breached or monitored. You can use a Guardian Security App Router to protect every device, Phone, Tablet, PC, laptop, TV, TV Box, in your house, all at once, and without the need to install VPN Apps on any of these devices! Read more details about what is a VPN and take a look at the complete range of Guardian Security App Routers and dedicated ExpressVPN Routers for complete, whole house, all device protection.
Use a reputable paid Internet security antivirus application. Most Internet protection products include Antivirus. We recommend ESET – It is a comprehensive product with a very lightweight scan engine that won’t impact the performance of your PC, tablet or smartphone.
Use strong passwords. Passwords should be contain a minimum of 12 characters and contain a mixture of upper and lowercase letters, numbers and symbols. Here at Guardian Routers we don't use the term 'password' we use 'pass-phrase'. Not only is it far more secure to use a pass-phrase, it is far easier to remember a phrase. Most people will use a simple password, as it's easy to remember, and most will write their passwords down and reuse them, sometimes with slight variation thinking it is secure. ie. mydogsname1 and mydogsname123 thus making it easy for someone to gain access to many accounts with just one password breach. The current top 5 passwords, believe it or not are: 123456 password qwerty football and 1234567. These take seconds to crack and should never be used.
What is a pass-phrase. A pass-phrase is a sentence with a combination of letters, numbers, and symbols that is easier to remember and much harder to crack. You can also mentally link the pass-phrase to the login which makes it even easier to remember. Lets use an Amazon login as an example. How many people have an Amazon password that is Amazon123. I would guess quite a few!
A better login for Amazon would be to remember something you purchased on Amazon and turn it into a pass-phrase. Lets say at some point in the past you purchased a 48 inch LED TV from Amazon, you will always remember where you brought your TV which makes it easy for you to associate your TV with your Amazon account and remember, so a good pass-phrase that is easy for you to remember but hard to crack, for your Amazon would be something like my48INledTVc0st£499!
I think you'll agree this is far more secure than Amazon123 and not that hard to remember due to the association if compared to a complex password
Change passwords (pass-phrases) regularly. It is important to change your passwords periodically and don’t use the same password for multiple logins.
Be aware for phishing emails. If you are not expecting or do not recognise an email, do not reply. Many spam emails are enticing you to respond and click a link to a website to capture your email address or take over your device with malware downloaded without you being aware.
The current top phishing emails in Lockdown These look as if they are from the Royal Mail (or another delivery company) and will say 'we attempted to deliver but you was out and there is an outstanding payment to pay - please pay here'. This is a very effective scam email as now we are in lockdown again many people are turning to on-line purchases and many people that receive this type of email will, as sheer coincidence, be expecting a parcel. They will also think 'It's only tiny amount so no risk and best I pay, I have nothing to lose' What they don't realise is the 'click here to pay' link takes them straight to the scammers 'fake' web page and as soon as they have filled in their payment details their bank account will be emptied!
The Royal Mail has an excellent page of current scams which can be seen on their website here
The example 'delivery scam emails' I have seen are very convincing and even more so if you view the email on a smartphone where, by default, the email header is hidden making it hard to see the actual email address it was sent from - beware, don't pay - If you are expecting a package call the delivery company to verify or check your tracking numbers to locate it.
Remember, if there is outstanding postage or duty fees on a package you will, 99 times out or 100, have a card through the door or card through the post explaining the charge.
These scam messages are also being sent by text message from companies pretending to be Royal Mail, UPS, Currys and DPD to name a few.
Use ‘Cloud’ storage. Cloud storage provided by reputable companies such as Microsoft is more secure than locally storing documents and files on your PC, phone or tablet and will be available from any of your devices. Cloud storage will keep a copy and backup of files. Many providers have version control to allow you to rollback to a previous version of the file. Files held on a cloud storage platform will have encryption and secure connection methods. Please remember that sensitive documents stored on the Cloud, or any other device MUST have another layer of encryption to keep them secure. There are many programs that will do this. Z-Zip will allow you to compress and pass-phrase protect files and folders. Although Z-Zip won't survive forensic-level decryption it is better than nothing. Windows and MAC will allow password protection to your Office files whilst a program such as AxCrypt or cryptomator take file encyryption to the next level and with mobile apps they work across all your devices.
Two-step authentication. Always use two-step authentication where you can. Many on-line systems already force a second level of authentication via a text or app after initial log in. PayPal and Amazon are good examples with a PayPal login being one of the most valuable on the 'Dark Web'
Keep your devices Operating System and antivirus up to date. Windows updates, iPhone / iPad iOS update or Android updates. These updates although tiresome sometimes to install do actually patch security holes in the OS and keep you one step ahead from the hacker.
Contacting companies. If a legitimate company or organisation needs to contact you, make sure you initiate the contact by going to the genuine website and use their contact methods such as phone on-line chat or form fill.
When searching Google for a genuine company website don't just click the first result. The first results are often a 'sponsored' or paid for result and put there by the scammers to trick you into thinking you have found the genuine website. Paid for results will always say 'Sponsored' or have the word 'Ad' under the result. Note: Banks do NOT sponsor their searches so if you are searching for you banking website do NOT click any paid for results!
Above all a good ‘common-sense’ approach should be adopted. If you receive something that does not seem appropriate, is asking for personal details or login information, simply ignore or delete it. Don’t be lured into going to a website or giving out information without checking it out first.
Protect your Information
Never send sensitive, personal information, security details or credit card numbers by email
Never click on a link in an email if you are unsure about it, especially if it asks for personal financial information, this might attempt to install malware on to your computer
Make sure you have a spam filter on your email account
If you do receive scam or phishing emails you can help protect others by reporting them too Action Fraud. Action Fraud is the UK’s national reporting centre for fraud and cybercrime where you should report fraud if you have been scammed, defrauded or experienced cyber crime in England, Wales and Northern Ireland. They provide a central point of contact for information about fraud and financially motivated internet crime.
Not everything out there is as it seems… so tread carefully, securely and stay safe!