How to Be Cyber Smart: 5 Tips for Creating a Safe Home Office

It's been 19 months since organizations had to provision extraordinary numbers of employees to work remotely as a result of the pandemic. Some companies may consider reopening traditional offices again, but the new work-from-home paradigm has many people contemplating a hybrid model. Although many organizations had already made their transitions to cloud-first and remote-first strategies even before COVID-19, this is a process that requires significant time and investment. Businesses around the world are at different stages in their journey but what is clear is that cybersecurity needs to be at the heart of this transformation to operate effectively in this new post-pandemic world.

A Cisco study found that 58% of employees expect to be working from home eight days a month or more, and 98% of future meetings are expected to include at least one remote participant. Today, digital technologies have become the lynchpin of the future workplace, and how and where work happens is becoming irrelevant. Twenty billion devices and users are connected to the internet today, exposing sensitive information to malicious actors. And by 2023, that number will jump to 29 billion, nearly four devices per person. In such a scenario, security cannot remain an afterthought. Security has to be the cornerstone to enable a seamless experience. It must be deployed everywhere and in everything we do, from the network to data to devices to users.

To ensure complete cyber protection, employees and organizations should implement these best practices at home.

• Multi-Factor Authentication: Reduce your reliance on passwords as the only form of user authentication and open up additional factors to later provide primary authentication. Protect cloud and on-premises applications with Multi-Factor Authentication. It isthe first step in a zero-trust security strategy that establishes trust for every access request — regardless of location.
• Strengthen home network security: As users, devices, and distributed applications have grown in number, the networking environment has become exponentially more complex. VPN (virtual private network) is a private network constructed within a public network infrastructure, such as the internet. Businesses can use a VPN to securely connect remote offices and users using cost-effective, third-party Internet access instead of expensive, dedicated WAN links or long-distance remote dial links.
• Protect your collaboration apps: It has become clear that as a global community, we have moved from collaboration being simply a tool for productivity to it being the connective tissue within an organization's culture. It's important to authenticate users into the ecosystem based on their roles and permissions and secure each interaction, regardless of messaging, calling, content sharing, or video. The use of virtual waiting rooms and blurred backgrounds are also some safety hacks to ensure safe collaboration.
• Be on guard for phishing: The volume of phishing threats continues to increase, and bad actors are getting more sophisticated, often meaning that the look and feel of phishing emails are increasingly authentic. According to Security Magazine, over 3.4 billion email scams or phishing emails are sent every day. This adds up to one trillion email scams per year. Cisco Talos discovered that attackers are taking advantage of the situation to lure users into pitfalls like phishing, fraud, and disinformation campaigns. This reiterates the increased need for security awareness and the targeted threats that require employees to detect on their own. Working remotely is here to stay. Remain vigilant.
• Cybersecurity training: Periodic mitigation campaigns are a must. It provides employees mandatory annual security training, ongoing phishing simulations, year-round security nurturing, and the resources to keep security and trust top of mind. As remote working becomes a norm, this needs to be intensified. This must be coupled with regular, company-wide updates and reminders to act safely.

The article has been written by Vishak Raman, Director, Security Business, Cisco India and SAARC