Managing your online security at home
Working from home has become a reality for many in the face of the coronavirus pandemic, but how you handle WFH (yes, there’s already an acronym for it) can be critical especially if your work is sensitive in nature or confidential. If you haven’t utilized tools like Zoom, Microsoft Teams, WebEx, GoTo, Trello or Slack in the past, there’s a lot to learn about default privacy settings, end-to-end encryption and other options to secure your work products.
The right connection is critical
Let’s start with how you connect to that vital meeting. Are you using a home internet network? The answer is likely a “Yes.” Your equipment deserves all the security you can provide. Let’s start with the password(s) to your modem and router. Both devices come with default codes that should be changed to prevent unwanted network intrusions.
Select the right app
You’ve probably already downloaded a company-selected app for video conferencing with your office crew. Everyone in your workgroup needs to be on the same page, after all. Make security a vital part of the equation.
Watch out for imitations or phony apps on Google Play or the Apple App network. Apple and Google weed out many bogus programs before they become available, but a few bad apps may get through the screening process. Some use names that are easily mistaken for legit programs hoping to trigger downloads. A bad app can launch malware on your device and make working in your pajamas a genuine nightmare.
Read each developer’s privacy policy and check what permissions you must grant to use the product. That’s where miscreants often wiggle into the system. Be wary of any app that demands full administrator privileges; administrators get access to everything. Some apps require the highest level of access, but most don’t need it, so try a different app. Limit access to your device whenever possible. Your best bet is a meetings app that offers end-to-end encryption to thwart hackers looking to capitalize on the increase usage of such tools.
Checking in with coworkers via Zoom? This connection app is all the rage today. Many users rave about Zoom for its ability to unite groups separated by Coronavirus.
The company experienced a very public data leak that involved Britain’s Prime Minister, Boris Johnson. His recent virtual cabinet meeting disclosed the meeting ID code in a background screenshot. You should set up a passcode to access each session but be careful how you share the invitation with staff. There are reports of some links containing the full password in addition to the ID. That can’t end well.
Zoom executives recently admitted that some group conversations had been routed through Chinese servers in error.
Each app carries unique privacy settings. As IDShield’s recent report on social media privacy documented, default settings often display all data publicly. Check those permissions carefully and change them to rigorous privacy options. The Electronic Freedom Foundation (EFF) offers a primer on locking down Zoom protocols.
Stringent settings can also dodge the coronavirus trend known as Zoombombingbad —interrupting group sessions with drawings and other inappropriate content. A recent FBI release warned videoconference users about a practice that also targets school e-learning triggered by the coronavirus.
One last thought regarding video conferences—what you choose for the camera background can reveal a lot about you. Maybe too much. If that bookshelf behind you overflows with trophy baseballs or artifacts from favorite movies, hackers could glean valuable details about your life or hobbies. The more they learn, the easier it is to craft a phishing email you might click.
Some meeting apps offer a selection of generic backgrounds in their files; check for them in privacy settings. Movie studios like Pixar are even offering new film environments for background use to enhance the joy of collaborating from home. Non-identifying surroundings will also keep you safer.
Don’t leave your security up to chance
Proactively arm yourself against cybercrimes with IDShield’s enhanced privacy and reputation management consultation.
IDShield is a product of Pre-Paid Legal Services, Inc. d/b/a LegalShield (“LegalShield”). LegalShield provides access to identity theft protection and restoration services. This is meant to provide general information and is not intended to provide legal advice, render an opinion, or provide any specific recommendations.