Working from home doesn’t have to expose you to hackers. Here’s what you can do to make it safer.

Working at home can leave you open to hackers, even in normal times, and these aren’t normal times. With millions of people under orders to stay home to slow the spread of the novel coronavirus, many more people are now working in their personal space, sometimes on their personal computers or phones. That makes a much wider target for hackers, cyber security experts say.

At home, it’s less likely you’re protected by the corporate software that can scan every link you click and file you download for signs of danger. Here’s what you can do to work from home more safely.

Update your software

Because you aren’t in your office, your company could have a harder time keeping your software updated automatically. And you might not realize it, but professionals whose job it is to stop hackers say that keeping your software up to date is one of the most important things you can do.

When software companies release updates that fix security flaws, they’re essentially handing hackers a key that helps them access devices running the older version of the software. If you update your software, you’re changing the locks, and it’ll be a lot harder for hackers to get in.

It’s not just the applications running on your phone or laptop that need updating. You can also make sure the operating systems on your devices are up to date. Even routers need to be secured, though router makers often install these updates automatically.

Of course, there are potential drawbacks. Software updates themselves can sometimes cause problems on your device, breaking programs that are essential to your job or making your device unusable. These problems, however, typically get noticed and addressed quickly. So if you must wait to make sure there aren’t any surprise problems with the update, go ahead, but don’t wait too long.

Use two-factor authentication

If hackers do manage to infiltrate your system, they might be able to steal your usernames and passwords. That sounds scary, but there’s something you can do to make that information much less useful for hackers. It’s called two-factor authentication, and it requires you to enter a onetime code or use a hardware token to finish logging in after you enter your login credentials.

When you have this feature enabled, stealing your password isn’t enough for a hacker to log in to your personal bank account — or your company’s payroll system. It’s an extra step, but it’s one of the most effective ways to stop hackers. The security settings in Microsoft and Google cloud services used by many small businesses let you turn on two-factor authentication and review other options for keeping your accounts secure.

Avoid phishing scams

Just like you need to be on the alert for scams and bogus information about COVID-19, the disease caused by the coronavirus, you should keep your guard up against suspicious messages that could come from hackers and scammers.

According to Microsoft, 91% of hacking attacks begin with a malicious email, in what’s called a phishing attack. The emails can take all forms. Some might promise you vital information about the spread of the coronavirus in your region, but in fact contain a malicious file that can infect your computer. Others will use spoofing to look like they’re coming from your boss, asking you to wire him or her some money in a hurry.

This is especially true on April 1, when confusing, jokey messages tend to float around social media fields and inboxes for April Fools Day. Don’t lower your mental defenses on this day and click something you would normally find suspicious.

Beef up your personal security

For people using a work computer at home, corporate anti-virus software and other security tools are often running by default. If you have access to a corporate VPN, you can use it to access your company network, where your employer can better protect you from afar.

This won’t work for all companies, which might not be prepared to have their entire workforce use the VPN at once, so it’s worth checking in with your employer about this one. You can also use a personal VPN, but that’s mostly to protect your own privacy, as these services aren’t meant to protect you from malicious software and apps.

If you’re using your own computer and can’t access your company’s internal network, you can still install consumer products that scan for malicious software that can steal information, spy on you and spam your contacts, as well as potentially unwanted programs like adware. If you run these programs and keep these other tips in mind, you’ll be in good shape to defend yourself from hackers.

Plus, there might be a silver lining, Hallenbeck said. If you can’t access your employer’s network, then hackers can’t use your computer to access it either.


More on Technology