With more people working from home on their computers, it is important to think about security. Protect your computer and work files from viruses, Trojans, scams, phishing, adware and more.
Whether you are using your own computer or a work computer, when you are working from home you need to consider security. There are many potential security threats and you need to keep your wits about you and put security measures in place to prevent malware attacks.
Extra care needs to be taken when there are valuable work files on your computer. There could be financial information, personal information, sensitive company documents and so on. All should be safe, secure and protected. No-one should be able to access them without your permission.
Beware of malicious email attachments
Working on your home computer will almost certainly involve Microsoft Word documents and you may exchange documents with other work colleagues, customers or clients. Be aware that Word documents can contain malware like viruses, Trojans, spyware and so on.
The trojan spreads via Microsoft Word Document files. The malicious files follow the naming convention “i<7-9 random=”” digits=””>.doc” and usually contains a blurred image. The document claims to be protected, and for decryption, it requests to enable content so the user can see the clear image.
Trend Micro
Be suspicious of any Word file that comes as an email attachment, especially if you were not expecting it. It could be infected with malware. If the email is from someone you do not know, that is suspicious. If your work involves exchanging Word documents with people, that makes spotting malware harder, so think twice before opening the Word document.
The content of the email is often a giveaway that the attachment is malicious and it often says you must open it, you must view it, you must save it and so on. The malware only infects your computer if you open the attached Word file, so the message tries to persuade you to do so. Don’t!
PDF is another common file format that could contain malware instead of the document you were expecting or the name of a file could be made to look like it is a PDF when it is not. For example, “Report.pdf .exe” where the extra spaces hide the .exe at the end. When you open what you think is a PDF, a malicious file executes. Watch out for Word documents and images using this trick too.
Watch out for phishing
Unfortunately, phishing emails are as prevalent today as they were 10 years ago, judging from my own mailbox. Every day there seems to be a phishing email. The number you get varies with the email service and some are better at filtering them out as spam than others. Quite a few seem to get through to my Outlook.com email inbox, but fewer come through on Gmail. Other email services may be worse.
The biggest giveaway that an email message is phishing is not knowing your name. Any email that begins “Dear customer” or simply has no name at all. Phishing emails often do not know who you are. Emails often tell you of a problem with an account like Amazon, Apple, Netflix, your bank and so on. They claim it has been locked for various reasons and they tell you to click a link or button to sign in. Never do that.
Always open a new browser window and type the URL of the website, store or service. Once logged in, see if there are any notifications about problems. There won’t be.
Some phishing emails occasionally come very close to looking legitimate, but sometimes you can spot something wrong, like poor English/American with misspelt words. If you receive an unexpected email that looks like it is from a work colleague, customer or client, telling you to click links or buttons, open attachments, or log into accounts due to problems or changes, be suspicious. Get on the phone and call them and ask if they really did send the email.
Use antivirus and antispyware software
When working from home you may exchange files with people via email or online services, and you may need to download software applications and tools for your computer. There is always a small risk that you might encounter malware like a virus, spyware, adware or potentially unwanted program.
If you have the latest version of Windows 10, it contains Windows Security, which these days is a pretty good security tool that keeps out most malware. It is all I have used for the last couple of years and it works fine. However, some people want more features and more security, so there are many alternatives.
These security suites were awarded maximum scores by AV-Test in the December 2019 test:
- Bullguard Internet Security
- Kaspersky Internet Security
- Norton Internet Security
Malware is constantly changing though and software that is best now might not be in the future. If you do get one of these to increase security and safety when working from home, check that it is still getting maximum scores when the time comes to renew your subscription and switch to an alternative if it is not.
The Apple Mac is fairly secure and still many Mac users do not use security software, however, it is not completely safe and malware, usually less serious things like adware, can infect the computer. In AV-Test December 2019 tests, 8 out of 11 security apps scored maximums across the board. Take your pick from Airo, Avast, AVG, Bitdefender, ClamXAV, Kaspersky, Norton and Trend Micro.
Use Wi-Fi security and VPN
Can other people access your home Wi-Fi network? If your neighbors are close and within reach of your Wi-Fi then maybe they can. If someone can get onto your network they can then try to access the computer on which you are working. That could allow them to see private information, work documents and private data.
It is common for home Wi-Fi to be secure and protected with encryption and a password, so unauthorized access is not an issue. However, you should not take it for granted that your network is secure. Check it. A simple way on the Apple Mac is to click the Wi-Fi icon in the menu bar and see if there is a padlock next to your network. Android phones and the iPhone also show secure networks.
Beyond your home network is the internet and it is hard to avoid people spying on your activities. Your internet service provider, websites, advertisers and more, all want to know what you are doing, where you go and what you see. The internet is a privacy nightmare!
A VPN helps a lot and stops certain types of tracking and snooping and eavesdropping on what you do on the internet. A VPN client on your computer, Mac or PC, creates an encrypted connection to a VPN server on the internet and is a sort of tunnel to another city or even country. You appear to be wherever the VPN server is located so sites and services treat you as a local, and it prevents anyone from intercepting your internet traffic and seeing what you are doing, such as your ISP.
I used NordVPN for a long time and found it to be excellent. It is reliable, has thousands of servers around the world and a great set of features. You can often pick up a great discounted deal on the NordVPN website. Other VPNs worth considering are PureVPN, Ivacy VPN (I’m currently running this), and Surfshark.
Check out the VPN deals on the offers page.
Enable the firewall
We live in a networked and connected world and computers and devices communicate with each other for various purposes, like browsing the internet or printing to a wireless printer. Hackers and malware also try to communicate with computers and devices on the network to gain access to your computer and its files. A firewall is a sort of security barrier that allows the useful network traffic like internet, printing, streaming movies and so on, but blocks the hackers and malware.
Open the Control Panel on a Windows PC and click Windows Defender Firewall. Enable it. On the Apple Mac, go to System Preferences > Security & Privacy > Firewall and turn it on. You will need to click the padlock first and enter your admin account password.
Protect files with disk encryption
Could someone access your computer? Could they access files on it and see private or personal information? Could they access your work files? Could your home work computer be stolen?
The best way to protect files on a computer is to encrypt the drive and Apple Macs have encryption built in. To check that it is enabled and to turn it on if it isn’t, go to System Preferences > Security & Privacy > FileVault.
Microsoft provides BitLocker on Windows PCs running Windows 10 Pro, Enterprise or Education. Go to Settings > Update & Security > Device Encryption and enable it. However, large numbers of home users and home workers have Windows 10 Home with no drive encryption because BitLocker is not included. However, there are solutions. If the whole drive is encrypted then all files are encrypted, but you could choose just to encrypt important files or folders instead.
OneDrive has a feature called Personal Vault and it is a secure and encrypted folder in OneDrive both online and on the computer (they sync). Open the folder either in a browser at the OneDrive website or on the disk in Explorer in the OneDrive folder. Only three files can be placed in the Personal Vault for free, but there are no restrictions if you have a Microsoft Office 365 subscription, in addition to all the other benefits like Office software, 1 TB of space and so on.
If money is tight and you are on a budget, use Veracrypt, which is a free open source encryption app for Windows, macOS and Linux. It creates a sort of virtual drive. You allocate some space, like a gigabyte of disk space, and it creates an encrypted container (a file) protected by a password. Mount it and it appears as a new drive. Unmount it and it is locked and inaccessible by anyone without the password. It is a great place to put private and sensitive files.
VeraCrypt can also encrypt whole disks or partitions, so everything on the drive is protected. This is useful if you use external USB drives or even thumb drives. They can be encrypted so no-one can access the contents but you.
Take care with Chrome extensions
There are hundreds, probably thousands of extensions for Chrome and there are some fantastic ones that I could not live without, like password managers. However, from time to time, bad ones are found in the Chrome Web Store. They may spy on your activities and most extensions can read the contents of web pages you visit. Some may cause adverts to be displayed that are irritating or they fake clicks on adverts to generate income for the owner.
There is no obvious way of telling a bad Chrome extension. Read the reviews sorted with the most recent first. They often reveal problems. Avoid ones with low numbers of users and stick to well-known extensions by reputable developers.
