May 15, 2020

Cyber distancing: A three-step approach when working from home

By Tim Bandos

The current blurred lines between work and our personal lives, and the shared technology that connects both, brings increasing threats to our cybersecurity. Part of the problem is security processes that come as second nature in the office environment can easily be forgotten at home, especially when using your own devices.

While the security risks of remote working are nothing in themselves, the huge number of people working at home has increased the security ‘perimeter’ of many organisations to unprecedented levels. So, just as we are practising social distancing, those of us currently away from our usual office environment need to apply an equivalent level of cyber distancing to make sure we don’t become victims of opportunist criminals.

While the risks have increased for everyone, some home workers are more vulnerable than others.  Many home networks are not fitted with next generation firewalls, two-factor authenticated Wi-Fi hotspots, and the various cybersecurity products available to protect the perimeter. Many people are still using the same router they got free from their internet provider years ago, and a significant proportion of those have never even changed the default password and settings it came with.

So, what does cyber distancing involve? The starting point is to first understand the extent of the current threat, and there’s no doubt the problem is huge. Just a few weeks ago, Google was reportedly blocking 18m scam Covid-19 emails a day, while the UK’s National Cyber Security Centre (NCSC) took down over 2,000 online scams of various kinds in a month and launched a new service allowing people to report suspected phishing emails. From there, following a three step approach can help boost home working security:

Cyber distancing step one: Use existing tools to improve home network security

Changing some basic settings via the homepage of your router can significantly improve your security levels. You can do this by opening a web browser and entering your router’s IP address – for BT routers, this is http://192.168.1.254/, for example, and for Sky broadband customers http://192.168.0.1. A Google search will help find others, or this information, along with the default password is often located on the router itself as well. Entering your username and password will enable a range of security improvements to be made, and these should include:

  • Change default passwords: Change the administrative password on the router to something more complex that only you know.
  • Set a strong WiFi access password with WPA2 encryption: A strong password should be 20+ characters in length and include numbers, letters, and symbols. That may sound like overkill, but reduces the chance of it being compromised.
  • Disable remote access: Remote access allows you to control your network remotely but also opens up a backdoor for criminals, so disable it.
  • Disable SSID Broadcast: When the router SSID, or network name, is broadcasted, that means anyone near your home can pick up your signal and attempt to access your network. If broadcasting is disabled, you will be less of a target.
  • Update router firmware: Routers don’t typically come with an auto-update feature for firmware, but it should be kept up to date and free vulnerabilities. Check for updates six months.
  • Secure connected IoT devices: This one is very important. The prevalence of connected devices has led to many of us having “dumb” networks. Smart devices, such as watches, webcams, connected appliances or an array of other gadgets and technologies can open up gaping holes in your network, especially since a lot of them arrive with weak default credentials and custom ports that can notify attackers of their existence. It’s a good idea to update the passwords on your connected devices with something complex and modify the default ports it listens on. This will require something called Port Forwarding on your router to whatever new port you assigned, but it’s worth it for the added security.

Cyber distancing step two: Change your behaviour to improve security

There are three golden rules – many people already know them, but it’s surprising how often they are forgotten or ignored:

  • Never click on suspicious email links and attachments: The primary risk from Covid-19 themed attacks has come from phishing emails and there has been a massive increase in criminal campaigns using this pandemic to their advantage.
  • Always validate email addresses: When you receive an email, check out the full sender’s address and don’t rely just on the name you see. Emails can often appear to have come from a name you might recognise, but are actually fake and come from a @yahoo or @gmail account, not an internal work account.
  • Don’t reveal personal data: Neither your bank or the government will email you asking for personal financial information, logins or passwords. Criminals impersonate these organisations to trick people into revealing their data – always be highly suspicious if you receive an email of this nature.

Cyber distancing step three: Add additional security layers

The more security layers there are in place, the harder it is for criminals to succeed. For example, if you have the option,  stay connected to your work environment via a VPN. Many organisations already have this option established for remote work connections but it’s also an effective way to add another security layer to your own network. Also, you’re using a personal laptop for work, keep it fully patched and up to date. Installing a credible antivirus solution for added protection is another step in the right direction.

Taking steps like these will help most people now working from home to establish a suitable level of cyber distancing. Not only will this help improve security in the short term, but they also represent a solid foundation for keeping technology and data safe on a permanent basis.


Tim Bandos, CISSP, CISA is vice president of cybersecurity at Digital Guardian and an expert in incident response and threat hunting. He has over 15 years of experience in the cybersecurity realm at a Fortune 100 company with a heavy focus on Internal Controls, Incident Response & Threat Intelligence.


Read more: How to build a secure remote working organisation


Verdict deals analysis methodology

This analysis considers only announced and completed cross border deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: ,