Internet security tips when working from home

Homeworkers need to be on the look-out for security issues affecting their data, particularly if that data is sensitive, says Luke Sanderson.

 

Since the introduction of the internet, there has been a slow but inexorable move away from large, memory-hungry servers to cloud computing. Driven by the twin issues of cost and ever more complex and rapidly evolving software systems, cloud computing has today reached the point where it is accepted as being a mature form of technology that everyone is finding indispensable, from individuals to multinational corporations.

Over the past couple of years or so, cloud computing has moved on from simply connecting PCs, tablets and smartphones, and has made the concept of the Internet of Everything (IoE) achievable. Initially, it was the Internet of Things (IoT), which made it possible to control your central heating system from the other side of the world, or utilise GPS to switch the lights on at home and open the garage door just a few minutes before you arrived. Personal data, such as medical information and data relating to your day-to-day activities, is uploaded to the cloud from the wearable devices you use when jogging, cycling or indulging in other forms of exercise.

The IoE goes even further by gathering together information provided by the IoT and using it to, for example, enable local councils to accurately predict future infrastructure requirements and for supermarkets to improve stock replenishment programmes. It also makes it possible for the authorities to track your every movement and for retailers to identify your shopping habits.

An unlocked door to cyber criminals?

With all this information flying around in cyberspace, it’s clear that unless you take steps to secure all your internet-enabled devices, the IoE has the potential to become the equivalent of an unlocked door to the cyber-criminal community. If you work from home, as a growing number of employees and managers do, there is a serious risk that your company’s sensitive data could also be hacked by its competitors. When working from the office, your data is almost certain to be adequately protected by security systems installed and maintained by a dedicated IT department, either in-house or outsourced, but what safeguards do you have installed at home?

Your home computer network should not be treated as a luxury; it is an asset that requires protecting. First off, check that your cloud provider has adequate levels of security in place and accepts responsibility for maintaining your data securely. The current internationally recognised standards are ISO/IEC27001 and ISO/IEC27017. Sensitive data should always be encrypted when stored and when being transferred across a network. The integrity of data should be validated by way of secure hashtag algorithms or message digests used in conjunction with data backups, redundancy and duplication. Access to specific areas should be restricted by the use of personal passwords that automatically record unauthorised activity and guarantee that wrongdoers can be identified.

In terms of adding an extra layer of security and offering reassurance to anyone accessing your website, one of the simplest yet most effective solutions is to migrate it from HTTP to HTTPS (Hypertext Transport Protocol Secure). By doing so, visitors or employees entering personal information are assured that their data is held securely, is encrypted and cannot be modified.

One of the most common forms of hacking to be aware of is cross-site scripting (XSS). Attackers tend to infiltrate the website’s JavaScript content and manipulate or add new elements, which enables them to divert information to a site controlled by them. Microsoft provides an encoding library, Microsoft Anti-Cross Site Scripting Library; alternatively, you could try the OWASP Java Encoder Project.

Viruses and worms

Another major area of concern is malicious code, a term used to describe worms and viruses, both of which can prove devastating. Viruses usually attack personal computers; worms, on the other hand, attack multi-user systems. With the introduction of cloud computing, it is thought that both will have the ability to become problematic across all platforms.

A virus is a piece of code designed to replicate itself by attaching to existing executables. A worm causes execution of the new copy by replicating itself, while a network worm functions in the same way, except that it copies itself to another system via the network. There is a simple solution to prevent malicious code being downloaded to your computer or other device, which is to ensure you have the latest antivirus software installed, along with a resilient firewall. Remember, emails are the preferred method by which worms gain access, so always be on your guard when opening attachments to dubious-looking messages.

The Internet of Everything holds out the promise of almost unimaginable benefits to both individuals and the corporate world. It is up to those working in the field of cyber security to ensure that they stay at least one step ahead of the criminal fraternity and allow legitimate users to log on without having any concerns. You must also take responsibility for securing your own data when transferring it between various devices and the cloud.

 





Post a comment

Your email address will not be published. Required fields are marked *