IT professionals often advise business owners to train their employees on the importance of cybersecurity because your employees can be the largest security loophole in your business. Now that the COVID-19 pandemic has forced many businesses to transition to work from home models, your employees are not the largest security loophole anymore- their kids are.
When employees take their machines home or use their home machines for work, those machines now sit in a physical and digital space that is unprotected. You may have already taken the steps to train your team about phishing and social engineering, but now you need to urge your employees to relay that training to their kids, and others on their home network.
Additionally, business targeted threats are not the only ones you need to train your employees to detect. Home networks also consist of gaming consoles, personal phones, smart TVs, smart devices, and home automation and security systems meaning threats to your company’s information could be coming from all angles. If a hacker can get into one device, they could access the whole network- including your business’ information.
We hope these tips help to both educate and safeguard your employees and their kids, but it is only the first step towards a cybersecurity plan that encompasses at home offices. The best way to ensure your implementing measures strong enough to safeguard your business is to talk with an IT professional. Book an introductory call to get started.
Cybersecurity tips to share with your kids:
1. Be careful where you click. Fake or malicious websites and apps (or legitimate ones that have been hacked by criminals) can jeopardize your device and the data on it. These sites can install malicious software onto your device if you visit them or perhaps click on the sites’ links. Malicious apps can also steal your information. Often, they look legitimate, offer something that is too good to be true or contain some type of “forbidden” content such as sexually explicit material, gambling or free movies or music. Rogue apps can look like and have similar names as legitimate ones they imitate. Then there’s “clickjacking” – bogus links on social media pages that have been hacked. They appear to link to something tantalizing but instead redirect you to a site that contains spam advertising, plants malware on your device or posts bad links on your own profile.
2. Don’t get caught by phishers. Phishing is when you get an email or a social media message that looks like it’s coming from a legitimate place such as a bank or a social networking site. If you click on a link in the message, you’re taken to a website that looks legitimate but could be run by criminals trying to trick you to sign in with your username and password so they can capture that information. Your best bet is not to click on the link but rather type the Web address (such as mybank.com) into your browser window and go the site that way.
3. Be smart about passwords. Having strong passwords and changing them periodically is fundamental to your and everybody’s security. Don’t use the same password on all sites. If you need help remembering lots of passwords changed often, you can use password management software to remember and enter your passwords for you.
4. Keep software & apps up to date. Regardless of whether you’re using a computer or a mobile device, it’s really important to keep your mobile and PC operating systems and your apps and software current, because it’s not uncommon for companies to discover security flaws and vulnerabilities that they fix with updates. This is especially important for operating systems and web browsers that can be more vulnerable to attack if not up to date (check to see if they update automatically). And if you update an app or program, check the privacy settings again to make sure they haven’t gone back to the default settings.
5. Use security software. It’s a good idea to have security software installed to protect your device. There are both paid and free programs for Windows and Mac computers and security apps for smartphones and tablets. Make sure you’re dealing with a reputable security company.
6. Watch out for scams. Big news stories about famous people or natural disasters and other major events raise curiosity and web traffic, which brings out the scam artists. When disasters happen, good-hearted people young and old can be vulnerable to fake appeals for aid. If you get a charity appeal, type the cause or organization into a search box and you’ll often find an official site along with numerous others that seem to be related. The official sites usually turn up at the top of search results. They’re fine, as are sites from legitimate news organizations covering the event, but approach other sites with caution, and do a little Web research about disaster relief and other charities.
7. Be careful before downloading. Be very careful when installing apps and if you’re asked to download a plug-in, document or application, such as to watch a video. Sometimes these downloads contain malicious code. Most videos don’t require software that’s not already on your device. If you think you need a plug-in or an app, do a little research to make sure it’s legitimate.
8. Consider using extra authentication. Some sites and services now offer dual- or multi-factor authentication to reduce the chance of unauthorized access. This typically requires an extra step, but it’s more secure. It usually means entering a code that’s sent to your mobile phone or clicking on a mobile phone app to verify that it’s you. You have to have the phone with you to get in, which reduces the chance of an intruder logging in as you.
9. Remember, if it’s too good to be true, it probably is. Be wary of attractive offers such as the chance to watch or download a movie for free, free music from untrusted sources, or free “keys” to unlock codes for software that usually isn’t free. While some artists do offer free tracks on their official sites and movie company’s’ free trailers, be suspicious of free offers, especially if they’re not on the official site of the content owner. There is a lot of free shareware or open source software but download it from a known reputable site such as Download.com or SoundForge.com that scans for malicious programs.
10. Shop on secure sites. You’ve probably noticed that every web address has “http” at the beginning. If there’s an “https,” the “s” stands for “secure,” which means the site provides an extra layer of security. For example, those “https” sites encrypt or scramble your password, credit card numbers and other information so they can’t be used if intercepted.
11. Use secure Wi-Fi. Be sure that your home network uses encryption and a password to prevent others from accessing it and be careful when using Wi-Fi at coffee shops, airports and other public places. Only sign into known networks (like those operated by the establishment) and, because public networks are often less secure than private ones, avoid banking or shopping or doing anything highly confidential when using public Wi-Fi.
Credit to https://www.connectsafely.org/security/ for the cybersecurity tips.