By Nathan Burrows
At Kaseware, security of our clients’ data is our number one priority. This week is Home Office Safety and Security Week.
Considering how popular it is to work remotely, it is important to remember to stay on top of Cyber Security, regardless of where your office is located.
Kaseware Security Tips
Here are some tips we recommend:
1. Avoid using a shared computer for your work
If you have to, make sure to log out of your company’s applications rather than simply closing the browser and change your password as soon as you can get to a trusted computer.
2. Installing anti-virus software
Installing anti-virus software is the standard for helping to protect your computer. However, many home office computers do not have the proper software installed and strictly assume that the software alone is protecting them. This makes it really easy for viruses and malware to take control of your computer. When viruses or malware get access to your computer, you are at risk of losing your data or even having to reinstall the operating system and start fresh. Ensure you protect your computer by installing good anti-virus software and keeping it up to date.
3. Keep your work space physically secure
Your workspace at home should be considered an extension of the office and there are small things that can make a big difference. If you can have a separate room as your home office, be sure to lock the door. If not, make sure to lock the computer in a drawer or cabinet when not using it. Also, while working, position the screen so that friends and family can’t see what you are working on. They do not have access to your company’s information and avoiding unintended leakage may be as simple as changing seats at the kitchen table.
4. Make sure your computer is encrypted
It is really easy for someone to steal your laptop at a coffee shop or public space, but it is very hard for them to get any use of the data on the computer if it is encrypted. Common tools for this include BitLocker or FileVault and are a must if anything on your computer has value to you or your company.
5. Make sure your email is encrypted
Most people don’t know that your email isn’t encrypted by default and taking a couple minutes to ensure yours is will decrease your likelihood of identity theft, loss of sensitive information, and phishing attacks.
6. Don’t join open Wifi networks
One of the biggest threats with free WiFi is the ability for hackers to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you end up sending your information to the hacker. The hacker also has access to every piece of information you send out—emails, phone numbers, credit card information, business data, the list goes on. If you have to use an open Wifi network while traveling, be sure to do some combination of the following: use SSL connections (https), a trusted VPN, designate the network as public, turn off file sharing, and use a travel router.
7. Use a VPN
A VPN allows you to create a secure connection to another network over the Internet. VPNs can be used to access region-restricted websites, shield your browsing activity from prying eyes on public WiFi and more. They are an excellent alternative while on a public WiFi network. While they do cost some money, the peace of mind and additional security is well worth it. Additionally, most employers will equip their employees with a way to connect to a VPN network on the go. Make sure you trust the the endpoint of of VPN as well. Some consumer level, cloud VPNs merely shift your risk from the public WiFi to wherever the cloud VPN provider dumps you on to the internet.
Kaseware Data Security
While the public can take the above steps to ensure their safety, Kaseware is always working tirelessly to ensure that we exceed the highest standards of security. One of the ways we do this is to validate our platform with third party audits.
For example, we are SOC 2 Type 2 compliant, where SOC 2 is an accreditation from the American Institute of Certified Public Accountants (AICPA). This AICPA audit demonstrates our compliance in all five trust service principles — security, confidentiality, processing integrity, availability, and privacy. We are also complaint with all Criminal Justice Information Service (CJIS) policies. Read more about Kaseware’s commitment to compliance here.
These certifications serve as evidence to our commitment of the security and safety of our clients’ information. We are proud of the privilege to protect that information and work daily to ever increase our already high standards.
Nathan Burrows is the Chief Security Officer and Co-Founder of Kaseware. He is a former special agent for the FBI and has both extensive private and public sector IT experience.