Being a cybersecurity champion for the company you work for

Finally getting the hang of the work-from-home culture!

By now, you should have a dedicated spot in your home as your new “Office” away from your office and as strange as it was at first, I bet you have settled and have found your way through basic challenges of the “Work-from- Home” culture. Look at you, a passionate employee who’s not bound by any limitations when it comes to business productivity and performance excellence.

Working from home, also called teleworking and telecommuting, is a work arrangement in which employees do not commute or travel to an office for work, but instead work from home or a location close to home. While some employees have been using this method for a while to ensure business productivity, most companies are now forced to practice this way of working as many countries have been on lockdown as a measure to prevent the spread of COVID-19 which has been declared a global pandemic. Although working from home may represent many benefits, it also comes with a great cybersecurity threat to a company’s private network.

The Cybersecurity Threat that comes with it…

Cybersecurity simply refers to the practice of protecting systems, networks and programs from digital attacks usually aimed at accessing, changing or destroying sensitive and private information to cause business interruption. Recent studies have shown that while there may be various ways of ensuring cybersecurity in a workplace, the greatest cyber threat in any network are its Users: employees who access a company’s network, systems and programs on a daily basis.

Being a cybersecurity champion for the company you work for!

Whether intentionally or not, employees are at the greatest chance of distorting a company’s network, especially when working from home where there is limited to no monitoring to ensure proper implementation of Information Technology policies. Here is how to become a cybersecurity champion for the company you work for, while working from home:

Avoid sharing your password with anyone: Your password is your unique digital footprint, giving you access to company resources and which is  meant to identify only you. Sharing it may mean giving unauthorized personnel access to sensitive information that they may distort or misuse. 

Avoid opening unknown links or pop ups: Malicious threats normally come in a form of links and emails that might seem legit or unsuspicious from unknown sources. Avoid being quick to open such links before verifying their legitimacy with your IT department, as phishing attacks often stem from such instances. Phishing refers to a fraudulent practice of sending emails purporting to be from legitimate companies compelling individuals to reveal confidential information.

Log out of portals/Systems/Software when you’re done using them: This might seem obvious, but it is very important to practice logging out of a company’s systems and devices when you are not using them. Most recent software automatically log users out when they do not detect any activity from the user after a set period of time. This is a great security control; however, it is ultimately the responsibility of the user to ensure data protection of the company systems they use. Leaving systems online makes them vulnerable to hackers. In a case of working from home, it could lead to kids unintentionally altering/sharing confidential company data which you would be liable for.

Use Only IT department authorized/recommended software/programs when performing work activities: Most companies invest in licensed applications, software and systems depending on various factors which could be the industry they operate in, the IT policies they have in place, the kind of information they deal with, the kind of clientele they cater for etc. The beauty of these licensed software is that they normally come with extra security and monitoring features, making them extra secure to perform transactions ethically. It is important to use only recommended or licensed programs by your company’s IT department to avoid exposing company private/sensitive data to unauthorized and possibly malicious third parties.

Communicate with your IT department personnel: Make it a habit to frequently liaise with your IT department on issues you suspect could be malicious, faulty or any suspicious activity on your laptop. These issues may be all the pointers afore mentioned as well as hardware issues as minor as they may seem.

The reality of COVID-19 presents numerous challenges. We have to come together globally to overcome these challenges, and when prepared, cybersecurity should not be one of them. Stay safe.

Kelebone Mona ǀ IT Administrator ǀ Minet Lesotho