Coronavirus has taken many businesses by surprise. Our society is starting to feel the financial impact as a result of this pandemic and our challenges will be around, unfortunately, for some time. The quarantine rules implemented by many state and local governments, although hopefully helping the spread of the virus, have forced business leaders into tough decisions.
Some businesses have, tragically, forced to layoff their employees while others have enabled their employees to work from home with business laptops. Some companies, however, are caught in the middle; their employees continue to work but are forced to use their personal devices because they use desktops at the office instead of laptops. While it is advisable to never use a personal machine for work, this is a very unusual time so it may not be possible to follow this best practice especially if your job is on the line.
“With careful planning, your business may face a smaller impact should another global crisis occur.”
If you must use your personal device for work, consider these steps to mitigate threats to your business’ sensitive data:
- Recommend that your business develop a Business Continuity Plan (BCP) that includes a pandemic. One valuable lesson from this event is that a global pandemic is always possible, especially with the ease in traveling to other countries in a matter of hours. There is a likelihood that another similar event will occur again sometime in the future. If your business never considered a BCP that includes a pandemic because it never thought it would need one, this event is proof positive that BCP’s should be developed, even for very rare events.
The BCP should include processes to assist employees in accessing third party services should they need it.
- Create a separate account on your personal device for work. If you’re forced to work from home and must use your personal laptop because a business laptop is not available, then create a separate restricted account for your business work. By “restricted,” that means never create an administrative account for work nor should you ever use your personal account for work. Creating a restricted account is often a better method to mitigate attacks than relying on anti-malware software. You can even go a step further by creating a virtual environment within that separate account as an extra layer of separation between your personal and business data. Oracle VM VirtualBox is one example of a free, open-source virtual environment tool.
- Consider open-source anti-malware. The effectiveness of anti-malware is debatable but if your company requires that one be installed, there are open-source solutions available. Microsoft Defender is one example and free, open-source anti-malware is also available for Mac’s.
- If possible, use a personal guest wi-fi account during work. An increasing number of wi-fi adapters support a primary wi-fi signal for personal use and a second signal for guests. If one is available, consider using your guest wi-fi account for business use. This is especially useful if you have teenagers who will download anything without considering the consequences. Don’t forget to implement strong wi-fi encryption.
- Consider alternative solutions if wi-fi is not available or for faster data transfer. If wi-fi is not available, many smartphones have the option to be used as a personal hotspot. It may be a bit of a learning curve but it is possible, in many cases, to connect to your phone if the personal hotspot setting is enabled. Another option is to directly connect an ethernet cable from your router to your laptop. An ethernet cable enables faster data transfers than wi-fi because wi-fi requires extra negotiations to “filter out” other wi-fi signals and to decrypt the signal.
- Consider your surroundings, especially with hard-copy data. It’s tempting to relax your security best practices when you are at home, but your 18-month-old child may have other plans with your sensitive data. If you live in an apartment, the superintendent will likely have access to your apartment to make necessary repairs. Don’t ever let your guard down; treat your sensitive hard- and soft-copy sensitive data the same as if you’re in the office. Home filing cabinets are cheap, they don’t take up a lot of room and many of them are lockable. While the locks on many cabinets are far from foolproof, accessing a locked cabinet will take time and a good guard against young children or snooping outsiders. If a filing cabinet is not available, then consider an alternate location to hide your hard-copy sensitive data from view.
- Disable all smart home appliances. ZDNet ran a recent article, suggesting that smart home appliances like Alexa should be disabled while working at home. Home appliances have been suspected by many that they record all home conversations. That may, or may not, be true but the risk is there.
One valuable silver lining from this tragic event is that even rare situations like this one may cause a huge impact for your business so preparing for the unexpected is highly advisable. With careful planning, your business may face a smaller impact should another global crisis occur.
Want to talk over personal device use and how that might impact your organization? Contact Pivot Point Security to connect with a Virtual Security Team member and get some exact answers.