Whether you’re a student taking online classes, or an employee working from home for the first time, you need to guard against security threats and cyberattacks online.
When you’re at school or in the office, you’re often protected by an IT team or a service provider that manages systems to protect you from cyber criminals. But when you’re at home, you might not have those same levels of protection, which can open you up to attacks—and the effects are just as devastating.
How do most cyber attacks happen?
These days, the majority of data breaches come from “phishing attacks” and “social engineering”. Basically, these terms mean that a criminal uses email, text messages and fake websites to impersonate someone (like your boss or a government agency like the CRA) to trick you into giving them something private. Usually, this means scooping up your login credentials, financial information, or getting you to download a virus or malicious program to your device.
We’ve all likely encountered these before: one of the most notorious examples is an automated phone call pretending to be from the CRA threatening to arrest you if you don’t send them money. This is a phishing scam, using fear and urgency to get you to follow their instructions!
These types of attacks aren’t just hitting individuals through phone calls. They can be done through email, text messages, and social media, and they can hit your personal accounts, your student accounts, and your work accounts.
What happens if you fall for a phishing scam?
At best, you’ll lose access to an account that doesn’t really matter, like Netflix. This can be a pain in the butt to fix, but not the end of the world.
At worst, you can lose your identity or critical accounts like your email. If someone gets your email account, they can likely access many of your other accounts by resetting passwords, which could mean losing access to your bank account.
For businesses, criminals can use stolen email accounts to impersonate your employees and attempt to steal money or lock your systems down and hold them for ransom.
How to protect yourself online when working from home
Whether you’re working or studying from home, there are three general areas that you can look to add protection to:
- Your physical space
- Your devices and apps
- Your home network
Protecting your physical space
You likely have a “clean desk policy” at work – which means that you should never leave confidential documents sitting on your desk or in the printer tray. The same rule should apply at home, especially if you live in a house with kids or roommates who could potentially access your confidential information.
The general goal of this type of protection is to secure your devices and documents from prying eyes. Keep your devices locked when not using them, set up passwords or PINs for your devices, shred or lock away documents when you’re not using them, and don’t allow others to use your work devices or accounts for personal activities.
Protecting your devices and apps
Practicing healthy digital hygiene is one of the most powerful ways you can protect yourself one. Digital hygiene refers to the things you to do tidy up and maintain your digital life. We’ve written a detailed blog post that goes into depth on many digital hygiene best practices, but we’ll repeat some of the most important ones here.
First, sign up for a password manager and add all of your accounts there. Then, start changing all of your passwords so they are both strong and unique from each other. This can be a bit tedious, but put on your favourite podcast or TV show and start organizing. Not only will this make you more secure, it will also make it easier to login to accounts since you don’t have to remember passwords anymore!
Then, make sure all of your devices and apps are up-to-date. Updates for your computer, apps and operating system do way more than just give you access to new features – they also bring fixes to bugs and security vulnerabilities that hackers often use to get access to your devices. While you’re updating everything, take that time to delete any old apps that you don’t use anymore. Don’t just uninstall them – actually go in and request that your account and all of its data is deleted.
Finally, unsubscribe from junk emails. This will not only make your inbox way easier to manage, but the less junk you have in there, the less likely you are to accidentally click on a fake scam email.
Protecting your home network
This area is the most technical of the three, but it’s not that bad – the hardest part here is remembering how to log in to your router.
The most important thing you can do is change your router password. Most people never change their password, and most routers share the same default password (usually something like “admin” or “password”.) Your router is the gateway to all of your devices, so you really want to make sure you have a unique password here.
It’s also recommended that you turn on your guest network and use that for all of your personal devices, like smart home and internet-of-things devices. These types of devices are notorious for having security problems, and the last thing you want is a hacker to use your smart doorbell to hijack your work accounts.
You can also use your DNS settings to add an invisible layer of protection on your network. The DNS is basically the phone book of the internet, and it’s how your web browser looks up and visits web pages. Hackers can use the DNS to redirect you to fake websites, or to turn on the malicious code they tricked you into downloading. CIRA has made a free DNS service available to all Canadians that you can learn about here; setting it up is as easy as switching the number in your DNS settings to our number.
CIRA and Webnames.ca have partnered to present a free webinar on cybersecurity for small businesses and for individuals, sign up below to learn more and protect yourself against cyber threats!
Webinar: Cybersecurity for home networks & small businesses during COVID-19
Presented by Webnames.ca and CIRA
Thursday, Apr 23, 2020 11:30 AM – 12:15 AM PDT
You’re not magically immune to cyber attacks simply because you’re at home, and if anything, you’re more of a target during the COVID-19 crisis. But protecting yourself doesn’t have to be hard, expensive, or requiring a technical background. There are many simple steps you can take to protect yourself, your employees and your families at home. Just follow some of the steps above, or dig into some of the resources we’ve shared, and you’ll be safe in no time.