Risk & Fraud

Tips for Creating a Secure Work-from-Home Environment

By: Gene Fredriksen, Security Strategy Consultant

The COVID-19 pandemic could be shifting the way we work. While remote work has picked up in recent years, companies have mainly offered it as a flexible option to help ease logistical challenges for employees, such as frequent travel, long commutes, or working outside of normal business hours. Before the COVID-19 outbreak, 18% of U.S. employees worked remotely full-time, according to SmallBizGenius. With companies incorporating social distancing guidelines, that percentage has skyrocketed, as remote work has become a necessity.

If working remotely has unexpectedly become new policy for your credit union during this crisis, it has likely forced some major adjustments to your working environment and team’s structure. You may now be juggling work with kids home from school, cohabitating with other stay-at-home workers, or dealing with various technology issues, not to mention learning virtual meeting software and finding a place to store your files.

Whether you are a first-time telecommuter or accustomed to working off-site, here are some practical tips for effectively setting up a home office while protecting your devices and personal information.

  • Remember the basics. Keep your security software up to date and use strong passwords on all of your devices and apps. The passwords should be long and unique. It’s good practice to make them at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters.
  • Set up a regular work area with minimal distractions. Don’t set up your computer in the same area where your family’s learning and entertainment activities are taking place. A multi-use area brings security risks. If your employer has assigned you a laptop, try to find a separate, quiet space to do your work, and store your laptop in a safe spot.
  • Secure your home network. When working from home, security is more important than ease of use. Open networks can make for a faster internet connection, but not a safe one. Ask your cable provider about the security of your Wi-Fi connection. Your wireless router should be encrypted and require a password to access your home network. If it’s not, ask about an equipment upgrade.
  • Protect your computer. Make sure your computer requires a login password, as well as a password-protected screensaver that automatically times out if you step away for a bit. Don’t leave your laptop out in the open and unattended at home, especially with curious kids around, or in your car if you have to leave the house.
  • Securely store sensitive files. In transferring confidential documents from your office to your home, take extra caution to keep them out of sight and secured. If you don’t have a file cabinet at home, use a lockable box of some type. Most home and office supply stores carry a wide selection.
  • Shred sensitive data. Chances are, the big locked bins where you dispose of paper to be shredded can’t be brought home. Find a suitable paper-shredding machine for your personal use; don’t just throw your documents in the trash or recycling bin.
  • Follow your employer’s security practices. Your home is now an extension of your office – so follow the policies that your employer has implemented. If you don’t have paper copies, ask your HR department to provide them digitally. Carefully read through them to ensure your understanding of the responsibilities in protecting your credit union and member information.

The surge of newly remote workers could result in greater cybersecurity risks unless we all practice secure computing basics, as cybercriminals are always looking for a foothold to gain advantage. To prevail against surfacing cybersecurity threats, organizations and individuals must be agile, detect threats accurately and respond quickly. We need to continue to work together to protect our credit unions and members through this evolving situation.

While none of us can be sure how long the current social distancing guidelines will be in place, we can count on the remote work model becoming more commonplace. Whether you’re working from home full-time or part-time, now is a great time to check and organize your home systems and connections to maintain security and productivity.

Gene Fredriksen is a co-founder and current executive director of the National Credit Union ISAO and the principal cybersecurity consultant with PureIT CUSO. He has previously held the positions of CISO for PSCU, Global CISO for Tyco International, principal consultant for security and risk management strategies for Burton Group, vice president of technology risk management and chief security officer for Raymond James Financial, and information security manager for American Family Insurance.

Fredriksen served as the chair of the security and risk assessment steering committee for BITS, and also served on the R&D committee for the financial services sector steering committee of the Department of Homeland Security. He also served as an advisor on various cybersecurity steering committees for the administrations of George W. Bush, Bill Clinton and Donald Trump, assisting in the preparation of the president’s Cybersecurity Position Paper.