Cybersecurity Awareness month, which is celebrated annually across the world in October, aims to raise awareness about the importance of cybersecurity at home and at work and helps to equip you with the resources you need to stay safe and secure online. This year's theme, "See yourself in cyber," highlights the actions we can take to raise the baseline for cybersecurity worldwide. Whether you're a technologist, or anyone working at home with an internet connection, we all have a role to play in strengthening cybersecurity.
With more of us working remotely - both from home and at shared co-working spaces - there's never been more demand for cybersecurity measures to ensure that work and personal information stay safe from the prying eyes of hackers. Without secure and encrypted networks, communication platforms, online data forms, and shareable calendars and documents can inadvertently expose you to cybersecurity breaches. So how can you ensure you stay secure in cyber?
We reached out to Andela's community of experts, asking them to share their top six tips for strengthening security in the remote workplace!
Install (and update) anti-virus software
Malware 's — or malicious software 's — is a popular method hackers use to steal information. Malware tricks you into downloading malicious programs that infect your system and steal information from your device. How can you protect yourself from malware as a remote worker? Use anti-virus software. While organizations should have anti-malware software installed on work devices, if you're a remote worker, you're often responsible for your own cybersecurity. If you're using your own devices, then you should install anti-virus software, which remains the strongest defense against cybercriminals who want to breach your online devices for their gain. Programs such as Bitdefender, Norton, and Trend Mirco come highly recommended. Ensure you also run software updates as they are made available.
Beware of social engineering
It's very easy to get into open discussions on social media that can reveal personal - and work - information. Social engineering is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. In a typical social engineering attack, a cybercriminal will communicate with the intended victim by saying they are from a trusted organization, sometimes through seemingly safe platforms such as LinkedIn. In some cases, they will even impersonate someone the victim knows. If the manipulation works, the attacker will encourage the unfortunate user to take further action, such as handing over sensitive information, including passwords, date of birth, or bank account details. The phishing phenomenon is ongoing. Be diligent about double-checking your emails. If you get a suspicious message, think twice before opening an attachment, clicking a link, or responding. Send it to your IT team, or just simply send it to the trash!
Upgrade your Wi-Fi security Infiltrating your home Wi-Fi network is another way cybercriminals can breach your security. There are steps that you should take to secure your home wireless network, such as changing your Wi-Fi password from the default that comes with your router with a stronger password. And ensure you don't save the password on any devices or accessible documents!
Never trust, always verify
Two Factor Authentication, or 2FA, is an extra layer of protection used to ensure the security of online accounts beyond just a username and password. It can dramatically reduce the risk of successful phishing emails and malware infections because even if the attacker has your password, they require a second piece of vital information to complete the login - in this case, from the authenticator app or security system that is generating your one-time code.
One form of information is a password, while the other couple is a one-time code or push notification. It's important to be aware that while convenient, SMS isn't a secure choice for the second factor because cybercriminals have developed methods to trick telecommunication companies using social engineering. The best practice is to use an authenticator app, like Google Authenticator.
Use a VPN A virtual private network (VPN) isn't just used to get around geo-restricted content; it's also good at ensuring online privacy. A VPN extends your private network across a public network, so you can send and receive data from anywhere as if you're directly connected to the private network. This keeps you secure when working in coffee shops or co-working spaces and allows for remote access to secure computing assets. But be careful which VPN to trust, not all of them are trustworthy, and some could leave your device open to a Malware breach.
Enable automatic locking If you walk away from your device, regardless of whether in a co-working space, your home office, or a cafe, you should always make sure it's locked. While this seems like a very simple safety measure, we're all guilty of leaving our devices open when unattended. This is where automatic locking comes in. By default, automatic locking is enabled on most modern devices, from PCs to Macbooks. But first, ensure it's configured to an automatic lock time that isn't too long or too short; you could try 15 seconds for your mobile and three minutes for your laptop.
Happy Cybersecurity awareness month! And keep staying secure in cyber!
Thanks to our panel of Andela Community experts for their tips: Oluboodun Agbalaya, Akinsola Akinwale, Chesvic Hillary, Hafiz Syed Ashir Hassan and Janderson Bezerra de Sousa!
Want to be part of the Andela Community? Then join the Andela Talent Network!
Your career is a journey, not just a job. Taking ownership of your career development and actively seeking out opportunities for advancement can not only spark career growth, but also increase your enthusiasm for your work. Read our seven tips to accelerating your work ambitions!
With technology advancing faster than ever before, tech skills are always in demand. These are the top six right now: Core engineering, Cloud API, database expertise, data analytics, communications, and Devops methodology.