Keeping Your Data Safe While Working from Home

We sat down with NJTC member, Symbol Security. President and Co-Founder, Craig Sandman, has focused his efforts around ending phishing and other cyber risks people might face. Teams are more digitally connected than ever, which presents the need for information and mitigation around phishing and cybersecurity to keep your data safe while working from home. 

Keep the Fortress, Well, Fortified.

Cybercriminals are smarter and more targeted than ever before. These crooks are evolving in their crimes as quickly as updated cybersecurity is becoming available. 
Our downfall is their greatest advantage: 
Humans. 
Humans are a very weak link in a company’s security chain and should have some accountability in cybersecurity as well.
Companies spend millions of dollars on their IT security infrastructure and are essentially building a fortress around all of their sensitive information. 
As an employee, you have access to that information and systems. 
You are in your company’s “castle,” so to speak, and the next phishing attack is as simple as you opening the castle door and engaging with a cybercriminal via email, text or social media. An organization can effectively build out a cybersecurity system, but the threat is still there if employees are not knowledgeable about the different attacks that exist.
Knowing the difference between clicking the right link in an email versus downloading a file that targets sensitive information can make a significant difference. 
Scary, right? 
Let’s back up and define what exactly is phishing.

What is Phishing?

Phishing is a cybercrime methodology of luring a victim into taking an action (fraud, access or divulging sensitive information) based on a false pretense. 
Victims don’t know they’re interfacing with a criminal.
These cybercrooks phish because it is EASY. 
Here is what they want from you: 

  • log-in information and data
  • banking and credit card information
  • intellectual property 
  • influence

Flashback to the 2016 Democractic National Convention hack where emails from campaign officials were stolen by a group of Russian hackers. 
A popular phishing attempt is spoofed emails. 
A spoofed email is a fabrication of a well-known business’s email in hopes of duping the recipient into thinking the email originated from somewhere other than the intended source. 
Spoofed emails are nuisances because they ask the recipient to provide personal information like a password or credit card number. 
If given, these can cause significant problems and sometimes pose a real security threat. 
Some cybercriminals are spoofing so perfectly that to an untrained eye, it may look credible.

Is Amazon Really Asking You to Re-Verify Your Account?

Spotting a phishing attempt can be easy. 
To identify a fake email, Craig highly recommends expanding the sender name to ensure it is coming from a legitimate sender. 
Cybersecurity
Did you receive an email from a coworker or internal department that does not make sense? 
Did IT really need you to download that document? 
When in doubt, pick up the phone and call your IT department to confirm a suspicious request.
Beware of the subdomain and look for manipulations. 
Cybercriminals use subdomains to fool users into thinking the URL is from a legitimate company. They use a well-known business name in the subdomain but the fraudulent location remains in the primary domain.
Example: www.amazon.passwordconfirmation.com 
The subdomain in the example is “amazon” and the primary domain is “passwordconfirmation.com”. 
It may look like a credible source but if you clicked the link in the example above, you would not be visiting Amazon. 

Do Not Click! Hover Over Links

This best practice can’t be stressed enough. 
Assess your emails for anything that looks odd or seems out of place. While scanning your email for out of place links, domains and such, make sure to scan the actual content of your email as well – does your boss really need you to purchase 10 gift cards for $100 each? Probably not. 
If a link is present in the email, hover your cursor over the link to reveal the URL without clicking. Ask yourself if the link URL is pointing to a legitimate website with an easy-to-read web address.
Don’t be fooled by logos or the message of the email. Any cybercriminal can reproduce email communications to look exactly like a company you do business with. Instead, go to the website directly to log in and check for notifications.

How To Keep Your Data Safe Working from Home

Unfortunately, scams can happen at home, too.
It is highly recommended to have different passwords for your work and personal devices and accounts. 
Your Netflix account password should not be the same as your work password. 
Consider a password manager such as LastPass or 1password to help you store your passwords and create strong credentials. 
Use two factor authentication for every account that has the option available.
Practice WiFi safety by creating a network specifically for your guests. 
Craig recommends not sharing your WiFi password with your children or people who live outside of your residence. Doing this will help you avoid a compromised network.
We love our children and their happiness is our happiness, but keep your work and personal devices separate. Avoid letting your children use your work device to watch Youtube or play a game. 
Protecting your data at home is just as important as being in the office. 

Watch The Full Webinar Presentation: Work From Home Cybersecurity 

Check out the full webinar where our audience got to test their phishing skills and pick up some best practices on cybersecurity.

NJTC has compiled useful links and past videos/webinars to utilize as resources to help your organization during COVID-19.  Safety measures, best practices and more on our COVID-19 resource page are available here.

https://techunited.co/wp-content/uploads/2021/07/Symbol_NJTC_WFHandPhishingTraining-1.pdf

Share:

Share on facebook
Share on twitter
Share on linkedin

Magazine

TechUnited Take 5: Meet Foundation Venture Capital Group, the Go-To Impact Investor for Your LifeSci Startup
TechUnited Take 5: Meet Foundation Venture Capital Group, the Go-To Impact Investor for Your LifeSci Startup
Welcome back to TechUnited Take 5, where you’ll meet new members of the community in a fun and personalized way! Meet Mike Wiley, Vice President at the Foundation Venture Capital ... Read more
National Small Business Week: Using Technology to Save Time and Improve Your Business
By: Michael Louden, regional vice president of Comcast Business, Comcast Freedom Region Small business owners have had to make some significant decisions and changes in the last two years – ... Read more
Why ClimateTech is the Disruptive Innovation Needed to Fight Climate Change
The hard facts about climate change continue to be sobering. According to the recent U.N. Intergovernmental Panel on Climate Change report, we have until 2030 to change emissions patterns in ... Read more
Climb to Unwind: An Outdoor Retreat and Networking Experience for Members
Join us for this fun hiking adventure at Hacklebarney State Park.
Pop-Up Networking
The fun spontaneous virtual member networking experience featuring everything randomized matchmaking, surprise special guests, trivia, and more!
TechUnited Take 5: Meet Techmango, the Digital Transformation Company Turning Innovation into Action
TechUnited Take 5: Meet Techmango, the Digital Transformation Company Turning Innovation into Action
Welcome back to TechUnited Take 5, where you’ll meet new members of the community in a fun and personalized way! Meet Greg Boyd, CEO of Techmango LLC, a digital transformation ... Read more