Useful & Practical Security Tips for Remote and Mobile Working
The rising number of data breaches shouldn’t surprise us at all.
The past decade had given us a taste of a massive catastrophe in the digital world.
Maybe a few weeks ago, you heard the news on the data breach Uber suffered. And months before that, the news on Equifax Inc. Both have imperiled millions of people’s personal information, leading to a possible horrific nightmare in the future.
How about the biggest of them all: the Yahoo data breach which compromised some personal data of ALL its 3 BILLION users?
Unfortunately, the future is far more extreme. We are threatened by a poisonous and insidious digital nightmare some hackers and computer geniuses with dark motives could bring.
This reality has not only shaken famous big companies but also the smaller market and even the world of remote and mobile working.
Thou shall not be complacent, in many aspects.
Some companies put cyber security their top priority, but some have not a lick of concern.
Whether we like it or not, reality shows that online security threat will always be a lurking danger to every digital nomad all over the world.
Take the bait, and boom, your data, your daily bread, becomes the one that got away!
This is the reason why some companies still don’t offer their employees the benefit of working mobile and working from home, even with the productivity statistics it has already proven and shown. Most companies are afraid of the security risks remote work may bring.
However, employers will not be be trapped by these threats if there’s a systematic security program to implement.
It should be fair to be able to prepare and fight a battle than just dreaming and contemplating the idea of “what-ifs”.
Before we go deeper and learn the security tips for remote and mobile working, let’s first understand what drives hackers to do what they do, determine the culprits of successful cyber attacks, and the dangers that cybercrime carries.
THE NOT-SO-HIDDEN AGENDA OF CYBERCRIMINALS
- It’s their job!
While others are in awe of what hackers can do and are intrigued about how they do what they do, it is never an excuse to do ruthless and devastating attacks and take advantage of some people’s weaknesses in the digital world.
However, it is a sad fact that hacking has become a profession of the cyber geniuses and equates to their daily bread where they do what they do best.
- It’s about the money
The internet is a world of thousands, if not millions, of dark website “cities” with hidden, and cruel agenda. Sex trafficking, adultery, illegal programs and a lot more lies are just a click away.
Using malware, cybercriminals steal funds from victims’ bank accounts.
Cybercriminals also sell stolen data to the darknet and to the highest brokers, only a few know the details behind each deal. Imagine selling a million accounts at, let’s say, a dollar each. What an unbelievable payout you can expect!
- Beware of spies
Some businesses are so great that people are hawking on them. Some people are heavily influential that their lives interest others to a point of spying on them.
Your privacy and your valuable data are their targets which are then handed over to businesses and people with different motives.
- Feeding curiosity for fun and practice
The thrill of exercising their profession and feeding the hunger for curiosity drives cybercriminals to do what they do. Sometimes, they don’t mean to do any harm at all and just want to test how far they can go. And for some, they love the fun.
The public attention is their pill of happiness and satisfaction.
- Personal and political expression
Money is not always the reason behind cyber attacks.
There are always far deeper reasons at the bottom of it all.
Political expression is one while for others it could be revenge, outrage, vanity, and prestige.
Being unique individuals with different personalities, beliefs, principles, and philosophy, it is not surprising for conflicts to arise. These conflicts are oftentimes acted through cyber attacks.
There are also more personal — or more vindictive — reasons to explain why attackers do what they do. Companies or individuals can be the target, and the consequences can range from annoying to downright dangerous.
SECURITY TIPS FOR REMOTE OR MOBILE WORKERS
- Never use FREE public WiFi
Most remote workers love coffee shops, parks, malls, hotels and anywhere with free WiFi. Anywhere can be an office space, so long as internet connection is available.
Free WiFi cuts internet bills. Free WiFi spells convenience.
BUT, although not all, since public WiFi is oftentimes not encrypted, along with it comes free virus and free cyber attacks.
Man-in-the-middle attacks (MITM) could be present thru public WiFi usage. MITM is a hacker’s eavesdropping tactic in intercepting data shared between two parties. Hackers control the communication redirecting the victim to malicious sites that could peril one’s personal and company data.
Know that public WiFi is NOT SECURE. Usage can be a pitfall to your most precious privacy and security.
Remote and mobile workers should never use public WiFi and make sure to use encrypted communications and data.
If you’re at all doubtful about a wireless network, don’t connect – stick with your phone’s mobile internet connection.
- Public chargers aren’t safe at all
Aside from public WiFi, remote and especially mobile workers are also fond of using public chargers.
It’s interesting how cybercriminals make use of creative ways to steal information from people.
“Just by plugging your phone into a [compromised] power strip or charger, your device is now infected, and that compromises all your data,” Drew Paik of security firm Authentic8, disclosed to CNN.
Paik told CNN, “If a port is compromised, there’s no limit to what information a hacker could take.”
The safest alternative to a public power outlet is a portable USB battery pack or a USB cord that doesn’t transmit data. But generally speaking, you’re safest relying on your own charger.
- Bringing phones with company data on an international flight
On January 30th, Sidd Bikkannavar, a US-born scientist at NASA’s Jet Propulsion Laboratory flew back to Houston, Texas from Santiago, Chile.
On his way through the airport, Customs and Border Patrol agents pulled him aside. They searched him, then detained him in a room with a bunch of other people sleeping in cots. They eventually returned and said they’d release him if he told them the password to unlock his phone.
Bikkannavar explained that the phone belonged to NASA and had sensitive information on it, but his pleas fell on deaf ears. He eventually yielded and unlocked his phone. The agents left with his phone. Half an hour later, they returned, handed him his phone, and released him.
What happened there was an incident which compromised all the data and all history of all transactions and communication done by Sidd using a phone that contains NASA’s confidential and classified information.
No need for any cyber attacks there. Everything happened just because it is mandated by the Texas government — and Sidd was not aware of that.
This system is not only true to Texas, to Canada, and maybe by now, some other countries too.
Security breach never just happens digitally. Physical threat is a factor too.
All digital data security tips are useless when you’re faced with life-or-death danger over your personal information.
Ensure physical security through the following:
- Study and learn the mandated rules of the places you plan to visit, especially the flight and airport rules
- Leave all your devices at home
- Use alternative disposable gadgets when traveling overseas with strict compliance needed
Or you can opt to do what Quincy Larson suggested:
“Since most of our private data is stored in the cloud — and not on individual devices — you could also reset your phone to its factory settings before boarding an international flight. This process will also delete the keys necessary to unencrypt any residual data on your phone (iOS and Android fully encrypt your data).”
A secret told to someone is no longer a secret. To quote Khalil Gibran: If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees.
- Practice encrypting ALL DATA always
Protect all your data, whether personal or business related, before it’s too late.
Most remote and mobile workers use email for communicating with clients and businesses. Most malware comes from unsafe or suspicious links sent through email that is why it is not highly recommended. If you’re using it anyway, email encryption can be useful.
Protect your privacy by email encryption, an encryption of email messages that keeps the content from being read by other entities than the intended recipients.
Require VPN’s on devices. This password protected option allows secure access to remote workers… A VPN provides an extra layer of protection for your business.
This cloud-based software was built with bank-level security using data encryption for both data in transit and at rest within the platform.
You would merely need an internet connection and a web browser to securely use the software.
Plus, it comes with other amazing features such as tasks and project management, document management, team collaboration and so much more.
You might want to get a 30-day free trial here and see for yourself how this software can leave you worry-free.
Protect and encrypt your data on hard drives and in the cloud.
- Password and username hygiene is a MUST
This tip has been shared time and time again.
Let me share it again: please strictly observe the usage of complex, long complicated passwords like phrases containing characters, numbers, and symbols. Using the same password for many accounts helps hackers jeopardize not just one account, but all your other accounts at once.
Creating usernames using your main email is a NO NO! You’ll give hackers an easier job by doing so.
Enable two-factor authentication if available to provide an additional form of authentication that uses your mobile device usually before access can be granted.
Nate Lord of Digital Guardian,
Two-factor authentication requires a second verification step, such as the answer to a secret question or a personal identification number (PIN). You should opt for two-factor authentication when given an option.
Whether you’re a remote worker or an office-based worker, it is best to regularly check your security measures and search on the latest security updates and be watchful on what is happening around you. Be sensitive to your surroundings and treat your personal and company data as you treat yourself.