Raise your hand if you have ever used a personal device to perform a specific job-related task. We have all worked from home or a coffee shop, either as a freelancer, for our company or doing a job for the university, but have you stopped to think about how this fact can cause you some other problem? We may compromise our information and our businesses or jobs by using our equipment for work and personal use.
With the Internet revolution and new technologies, more and more users enjoy the flexibility and facilities of working from home. At a European level, according to Eurostat, 35% of companies are already committed to remote work among their employees.
Image screens with icons and not only at the company level, but it is also widespread to see people with their personal computers in connected public spaces performing different types of tasks among those related to their work.
However, despite all the advantages that they entail a priori for the user, this last fact implies many risks.
And it is that many times we resort to our personal computers to carry out tasks that may seem simple to us and that we could not complete in our workplaces, such as finishing modifying a document that we left pending or sending that last-minute email that we missed, either because we do not have the equipment to telework, or because we would like to bring forward some tasks. But where is the risk? We show you some examples:
- If our computer has a virus, we infect the file, which infects the rest of the files when copied to the company’s server.
- If we use personal email accounts to send work documents, we can get the wrong recipients or even receive spam mail by including it in email forwarding chains.
- Loss of critical information due to the lack of backup copies.
- Disclosure of confidential information by not using encryption mechanisms to protect it.
Therefore, before using personal equipment for work use, we must ask ourselves: What would happen if we lost the device and others had to access the information stored? What if our device were infected and clients or co-workers received emails with personal information? Or if it was our fault that the work network infected the work network? Or if I erased all the information on a project from one day to the next?
How can you work safely from our personal computers?
If we had to perform a task promptly, and the company has not provided us with the safety mechanisms to do so, that is, we do not have teleworking authorized, to minimize the risks, we must ensure that we have the main security aspects under control:
• Install and keep an antivirus update: It is the first and most crucial step to protect our equipment and the data stored on it. New viruses and threats appear every day, so you need to stay up-to-date to detect them.
• Separate personal and work accounts: Dividing our space and time between personal and work tasks will help us be more careful and professional. You don’t want to send a client or co-worker a personal document by mistake. We will put this into practice by creating different user accounts on the device.
• Make secure connections: Sometimes, we must connect to public Wi-Fi networks, whether due to a work trip, an emergency, or because we have no other option. We already know that these networks are not secure and that we should try to avoid them as much as possible, even more so if they are used to transfer business information. If you have no choice, make the connection through a VPN network.
• Use a firewall: A firewall is just as crucial as an antivirus. They protect us while we browse the Internet by rejecting malicious or suspicious connections.
• Encrypt information: When we encrypt our information, it is as if we keep it in a safe. Only those who have the key or know the combination can access it. Storing sensitive data can put you and those with whom you work or share information at risk. However, thanks to encryption, we reduce the risks.
• Make backup copies: Backup copies help us not to lose our information and have a backup version in case we lose the original. We recommend that you also encrypt the copies and follow the 3-2-1 strategy :
o, Keep three backup copies: the main one to work with and two “backups“.
o, Keep the information in 2 different types of storage, for example, on a hard drive and in the cloud.
o, Keep one backup outside of our home.
We must avoid storing sensitive information without encryption that could harm our privacy or that of others; what would happen if the cloud service suffered a “hack”? That is why it is so vital that we keep the information encrypted.
Finally, we must always keep in mind that not only our device can be dangerous. The external devices or peripherals that we use, such as our scanners, USB sticks, printers or external hard drives, can also be potentially dangerous elements:
• Printers or scanners: The documents we send to external printers or scanners remain stored. Therefore, if we need to print confidential documents or sensitive information for our work, we should use our printer or scanner.
• USB sticks or hard drives: Keeping the information on these devices encrypted is the number one rule we must follow. However, another problem occurs when we connect unknown devices to our computer that may be infected or vice versa when we connect them to an infected device.
What should we do then? Avoid carrying out these actions as much as possible. In any case, analyze the external device with an antivirus before opening any file or ensure that the device to which we connect our “pinch” is correctly protected with security tools.
Remember, if you have to use a personal device for work functions at any time, apply the good practices we have shared with you to avoid problems.
Has something similar ever happened to you? Do you work from your personal computer? Share your opinion and experiences with the rest of the users and keep up to date with OSI publications on cybersecurity to enjoy the advantages of technology.