We live in a connected world, and most of us cannot complete our jobs without using a computer. In fact, according the United States Department of Commerce, 62 percent of working Americans use the internet as part of their jobs.
But as more and more people rely on computers at work, that puts more and more organizations at risk. Consider, for example, the recent spate of corporate cybersecurity challenges, including:
- A major hack of Target in which the personal information of 40 million customers was compromised. The hack cost then-CEO Gregg Steinhafel his job.
- The eBay hack in which 145 million accounts were compromised. The hack was possible because the computer security of three key employees was compromised.
- The ransomware WannaCry made news after infecting more than 300,000 corporate computers, affecting organizations like Britain’s National Health Service and FedEx.
These are just a few of the examples we could highlight, but one thing is clear: Hackers are after money, and where better to get that money than from corporate networks?
Corporate cybersecurity depends in large part on the cybersecurity of individual workers. If you’re the weak link through which hackers gain access to your company’s network, it could spell disaster for both your employer and you.
Here are three tips to help you stay secure at work:
1. Just Because ‘It Looks Like It’ Doesn’t Mean ‘It Is It’
Phishing is one of the most common tactics hackers use when targeting corporations. In 2014, five out of every six large companies were the target of phishing attacks, and the number is likely to keep growing.
A phishing attack is a kind of attack in which a hacker cloaks a website you are using and then sends you a link purporting to be that website with the hopes that you enter your login information. Once the hacker gets those details, they rush over to the actual website and use your credentials to log in.
Whenever you receive an email asking you to click a link to carry out sensitive action that pertains to your workplace, be very careful. At the very least, confirm the link’s security with IT first.
2. Don’t Download Unknown Attachments
As with most ransomware, the previously mentioned WannaCry was able to infect computers through downloads. Employees downloaded email attachments or other files that turned out to be infected, thereby passing the infection along to their computers.
It’s common sense in cybersecruity circles to not download email attachments or other files from unknown sources. You need to be especially careful when downloading files in a corporate environment. If you don’t know who an attachment is coming from, it’s better to err on the side of caution. Even if you do know the source but the email looks questionable, you shouldn’t download the file. People’s email accounts have been hacked and used to spread damaging files before.
3. Use a VPN When Connecting Outside Your Corporate Network
Hackers are smart and highly sophisticated these days. They’ll often “eavesdrop” on the data people send from their computers and out into the networks to which they are connected — especially when people are connected to public Wi-Fi networks.
If you are accessing the internet through public Wi-Fi — or even at home — you should assume it’s possible someone is eavesdropping on your activities. If you are simply watching YouTube videos, this might not mean much to you, but if you’re accessing your company server from outside your company’s network, you could be exposing your employer to a serious cybersecurity threat.
Don’t take any chances. Use a virtual private network (VPN). Essentially, a VPN service creates a secure, encrypted tunnel between your device and a VPN server, making it virtually impossible for anybody to see what your computer is up to. You can set up your own VPN, which can be quite complicated, or you can use a VPN service. There are dozens of paid and free options out there. Do some research to find one that is right for you.
John Stevens is the founder and CEO of Hosting Facts and a contributor to TheBestVPN.