Working From Home: Dos and Don’ts for Keeping Your Data Safe

Indians have been worst affected by identity thefts in the past 12 months, claims a new report by NortonLifeLock.

Norton Cyber Safety, the cyber security major surveyed more than 10,000 adults in 10 countries, including responses from 1,000 adults in India.

According to the report, more than 36 percent of Indian adults detected unauthorised access to their accounts or devices in the past 12 months. While 2 in 5 Indian users have experienced identity theft to date, over 27 million Indian adults experienced identity theft overall in the past 12 months, the report states.

500% Increase in Cyber Attacks During Work from Home

In the last year alone India has witnessed a 500% increase in cyber security incidents during the coronavirus pandemic.

The massive health crisis has pushed an entire workforce to work from home, with security solutions such as firewalls, DNS security and intrusion prevention proving ineffective.

How to Keep Your Data Safe While Working from Home?

Employees need to use company-mandated security measures and company-approved devices to access enterprise resources.

"More importantly, the popular adage, ‘never mix personal with professional’ applies here as well. Employees need to use their company-mandated devices only for professional purposes," Prasad T of Instasafe, a cloud-based service solution told The Quint.

Emphasising on emails being the major threat vector, Murli said, “A Barracuda research warns phishing campaigns are now using COVID-19 vaccination as a hook, as the research reveals the average number of vaccine-related spear-phishing attacks was up 26%. While the remote workforce is distracted, users must stay alerted and be skeptical of all vaccine-related emails and don’t click on links or open attachments in these emails, as they are typically malicious."

Common Mistakes That Should be Avoided

Considering that individuals working remotely might be distracted, they are prone to clicking on unprotected links or open attachments they may otherwise have avoided. This is where they should be extra cautious and refrain from accessing any such links.

Sharing his thoughts on this, Murali said, "Some remote users also tend to leave their passwords easily accessible by mistake. To avoid getting it into the wrong hands, they should use a password manager to keep track of login credentials and enable two-factor authentication for online accounts whenever possible."

What Should You Do If Your Data is Hacked?

If you feel that your company device has been hacked and your data is at risk, the following steps are mandatory to ensure minimal loss, explains Prasad:

• Take snapshots of any suspicious activity on your device, and immediately contact your security team for guidance
• If you can, change your passwords and logins immediately
• If you can’t, log out of all cloud and app logins immediately and report the same to your IT team
• If there is clear evidence of data exfiltration, report the same to the team

From the companies’ perspective, IT teams need to get into war mode to handle remote breaches. Some of the steps they can take are:

• Suspension of all app logins
• Initiate remote device lockdown if the device is not under BYOD
• Analysis of data use to identify what data has been compromised
• Ensuring the employees get a fresh set of credentials to access enterprise resources
• Amending remote work guidelines to prevent similar hacks