Cyber security essentials for Home Office
We’re going to focus on the cybersecurity essentials for a home office. Do these terms sound any familiar; remote work, work from home, home office?
Let’s start by understanding what each means and then talk about securing the home office.
What is a Home Office?
When a business owner operates their small and medium business from the confines of their home, then this is termed as Home Office.
A home office is different from a remote worker or even a work from home scenario.
A remote worker is when a business equips an employee with complete business tools to perform their tasks from any locations outside of business office location on a permanent basis.
A work from home scenario applies to an employee that is predominantly operating from business office location but its temporarily working from home due to any circumstance.
Now lets discuss the essential steps needed to secure a home office.
Cybersecurity Essentials for a Home Office
Our home is usually perceived as a place of safety for our family and loved ones. Once home, the doors, windows, and roof provide shelter and it feels like you’re invincible. That can be said for physical security, however, for digital security it a very different ball game.
Our home is generally not a digital secure environment, unless deliberate measures are taken to secure it from the big bad internet. And it’s certainly not secure for a business to operate from the same house where the digital infrastructure are not secured.
There are 5 security essentials needed for a home office;
1. Perimeter security
Internet access to home is usually provide by an ISP (Interner Service Provider) modem and generally this device has built in firewall that prevent the outside world from gaining access to the devices behind it. However, this is alone is not sufficient.
Its recommended the first line of defence is a next generation firewall that can offer far more security than whats provided for by the ISP modem/router. A next-gen firewall is able to detect intrusions, block malicious website content from being downloaded, and also enable remote access if the business owner is on the road. It can also segment the home use from business use networks and protect each zone from proliferating the other.
Usually, the ISP router also has wifi capability and that leads us to our 2nd cyber security essential for home office.
2. Secure Wifi
Having secure wifi password is very import. However this may not be enough when it comes to a business operating from home office. Enabling a secure wifi network where only known devices are permitted is key. For example, an intruder can attempt the login into a home wifi by hacking the password. Once that defence is cleared they’re free to roam in the home network. A good example is wifi printer that is left without security. To prevent this, a wifi security that’s linked to next gen firewall can help detect a foreign device on it network and disallow the intruder from proceeding any further.
3. Endpoint security
A business endpoint device like a laptop/desktop/server needs to have endpoint security enabled. This is last line of defence from cyber attack such as malware attacks. Not only should the business device have next generation endpoint protection, but also the home devices. Home devices if not protected can be root cause of business device being compromised.
4. Email security
All business email should have next gen email security. The home user may not have advanced email security feature on their personal devices and this can result in cyber breach. However, if anti-malware is installed, and the device is segregated from the business devices, then, the malware spread can be contained and limited to just the home device.
5. IoT device security
One major overlooked area for cyber security is IoT device security. What is IoT? Internet of Things (IoT) are devices that are IP enabled and have smart communication capabilities. For eg., a smart thermostat that can connected to the internet via home wifi and can provide weather, news and even songs. Also it can be controller from mobile apps. Other examples of IoT devices are smart light, automatic gate/door, building systems like blinds, security web cameras, and smart appliances. Given that each of these have capability to connect to the internet, opens a huge window off opportunity for hackers to take advantage of and gain access to sensitive business information.