Over the past few weeks, we have all had to consider working from home (no need to say why unless you have been living under a rock). This guidance post is about how you can work from home securely and productively.
Setting up the Environment
Ideally you need a room you can yourself up in, set up your working environment and be away from the usual activities in your home while working. Unless you already have a home office, then this isn’t going to be possible in the short term, but you still need to be able to work productively. If you have a room separate from your main living area (e.g. a dinning room, or a spare bedroom) designate this as your working area. If you haven’t, then it may be harder for you to be productive, but cooperation from your other family/household members will be necessary to allow you to work.
If you have children and a partner, try to share the responsibilities of looking after the children while you have to attend meetings remotely, or have to work on a task.
The most important thing is to establish some form of routine. For example:
- Wake up at the usual time for a working day and go out your usual routine
- Take regular breaks
- Keep hydrated
- Have lunch
- Move around and if possible get outside for fresh air and sunshine (this is important to promote vitamin D production in your body)
- Maintain contact with your family and friends, especially your co-workers virtually using social media, phone, SMS/IM, etc.
This sounds silly, but take it from me who has remote worked extensively over the last 15 years, routine is important.
What Equipment do I Need?
This will depend on your work, but you will need a stable and preferably fast broadband internet connection with strong WiFi signals. Most home routers can provide this, but you may need to think about WiFi extenders which boost the signal in areas of your home with weak signal. There are also a lot of Mesh Routers around these days that provide a similar benefit. This TechRadar posting will provide some advice on the best devices to buy.
If you are working on documents, then you need a device with a reasonably large screen, and preferably with the ability to project to larger monitor. A PC is the best for this. You will also need a proper keyboard and mouse to ensure your posture is appropriately settled.
If you only work casually with documents, then a large format tablet (8-10 inch screen is best). You can get stands to prop up your tablet as well as mobile keyboards. Android can make use of a Bluetooth keyboard and mouse, while some of the later iPad also have a keyboard and stylus. A search on Amazon will return a number of third party stands you can buy.
If you have a 2-in-1 Windows tablet (e.g. one of the Surface range, but there are cheaper options), then you effectively have a full size PC that can be projected to a monitor.
You should also be careful about your posture. Watch the following video to help set up your workstation environment – also a good idea for when you are in the office:
I accept that your current home working environment might not be ideal, but taking some of the tips in the above video will help reduce issues of back pain from poor posture.
A word of advice regarding your internet connection. It is likely that you have a domestic connection, which typically has high download (e.g. 36 Mbps or higher for cable services), but much slower upload capability (typically 5-10 Mbps). This is typically OK for home use as you are consuming content by downloading it. However if you need to upload documents or do audio/video calls, the upload bandwidth can be overloaded. So, here are a few tips:
- Limit your use of Video Conferencing and where possible use audio connections which are much more bandwidth friendly
- Use your mobile phone to connect to conference lines and with your friends, family and colleagues – doing audio from your PC is going to tax your internet connection
- If you have people in your home who are playing games, ask them to limit use when you need to attend meetings remotely to allow you have a stable connection
- Limit the amount of high bandwidth downloads as much as possible (e.g. streaming HD/QHD video) and if you must stream video go for a lower resolution and limit access during the working day is at all possible.
I have to admit that over the past week while I have been working totally from home, connecting to conference lines has been sporadic via my mobile and you may have to use your internet connection for this.
What tools are available for Remote Working?
If you work for a large company then they have probably set you up with a laptop, a remote desktop service or cloud computing service that allows you to connect to the office securely and all the facilities via a VPN or similar service.
If you don’t have access to your work systems via a VPN, then there are other options, but you have to maintain a degree of security when using them.
For remote meetings services like Skype are readily available. If you have an Outlook email account then you have access to the basic Skype services both on www.outlook.com and on your Windows PC through an app for free. You can get more services through an office 365 subscription, by adding funds to your Skype account and purchasing additional service (e.g. landline numbers for dial-in). You can also download the Skype app on your Mac, Android phone/tablet, iPad or iPhone. This provides chat, email and video calling as well as calling landlines all over the world at very competitive rates typically £0.02 per minute for a call from the UK to the US. See Skype.com for more info.
You can also use Apples Face-time, Googles services on Android, as well as a whole collection of other services including Facebook. Just make sure they are genuine services and not scams/malware sites which is why I only recommend the above linked services. There are a lot of scams going around at the moment due to the current COVID19 pandemic (from winter 2020), so please make sure you are using a reputable firm.
Office platforms are also good for remote working. Office 365 and Google Docs are the most popular and both provide free services as well as paid subscriptions. You will need an Outlook account to access Office 365 and a Google account to access Google Docs. There are others, but make sure you are not using a malicious service.
Cloud Storage normally comes with your Google/Outlook account and can be used to share large documents that cannot be sent by email or other messaging platforms. However, you do need to be careful how you share documents. All services allow you to post to a public folder available to anyone who knows your account info as well as private sections where you can set up individual shared links to specific documents or folders on your cloud storage. I also suggest you encrypt anything you put online and this can be done using WinZip (which is probably the best but requires a subscription) as well as 7-ZIP (which is open source and free, but not as user friendly). Both of these are available in some form for all platforms and for 7-Zip mostly through third party apps which may be insecure. There are also other options, but as usual just make sure they are genuine and not malware infested.
I also suggest you take a look at our guidance on using Using Cloud Services Safely.
Cyber Security Considerations
First I suggest you take a look at our post on Cyber Security during a Pandemic. There are a lot of bad actors out there looking to exploit the panic around the current situation and you need to be careful about what you click on.
I want to cover the following topics:
- Basic Cyber Security practices
- Securing your home network and accounts
- Using a Virtual Private Network (VPN)
- Handling confidential information
- Access to your devices when working at home
- Using Cloud Services not provided by your employer
- Emailing confidential documents to home email addresses
- Make sure your devices are patched with the latest security updates.
Basic Cyber Security practices: Take a look at the guidance on this website for a lot of guidance on how to avoid being tracked and invaded by malware. You can also follow our Twitter feed to learn about up and coming Cyber threats. We will also be blogging more on this site with various pieces of advice, so please bookmark our site and keep coming back – even when the current crisis ends.
Securing your home network and accounts: The following are a setb of basic precautions you can take to set up your home router more secuerely:
- Change the default password on your router settings to be a strong password
- When you get in to your router settings, make sure Universal Plug and Play (UPnP) service is not active (may affect XBox/PlayStation connectivity, but this should be largely replaced by now)
- Make sure your WiFi password is a strong password and not the default
- Make sure you are using one of the following to encrypt your WiFi transmissions:
- WPA-PSK [TKIP]
- WPA2-PSK [AES] (typically the default)
- WPA-PSK [TKIP] + WPA2-PSK [AES]
- You can also hide your SSID (the name for your WiFi network) – most devices these days will connect to a hidden WiFi connection consistently, but you will need to reconnect all your devices if you hide an open SSID now
- Reset your SSID to be a unique string that does not identify you or your household (e.g. not your your name or address) – you will need to reconnect all your devices in your home if you do this
- Where possible use a wired connection – it will be more secure and in all likelihood faster and more stable.
There are a lot more technical steps you can take, but if you do the above it will be a fair way towards securing your network.
Please also look at our extensive blog on setting up your router securely (word of warning – this blog gets technical).
Using a Virtual Private Network (VPN): Hopefully your employer has provided you will a secure Virtual Private Network or secure cloud based computing environment, to do your work remotely. If they haven’t, then subscribing to a commercial cloud based VPN is a good idea. We have a guidance page page on using Virtual Private Networks which I suggest you read for background information.
The VPN services I would recommend from a privacy and stability perspective are:
These are subscription services. There are also free services, but as our guidance states these often have privacy issues as well as hijacking your bandwidth to service their VPN for others.
For the most part a VPN isn’t that necessary in the UK, unless you really want to maintain your privacy as a consumer. However, for business use this is more important.
There are also useful pages on TechRadar that lists all the popular VPN’s with reviews. Most services have PC based, as well as mobile device based, VPN services. If your home router supports it they can also be installed on your router so that you secure your hole household through the VPN. However, using a VPN will use more mobile data, so if you are on a capped mobile data tariff then use this carefully and defer to using WiFi.
Be careful when selecting a VPN as there have been some rogue services out there as well as clones of genuine websites that drop malware on your devices.
Handling confidential information: when you are in the office you have secure means to print and dispose of confidential documents. In your home you probably won’t go beyond a cross-cut shredder, the output from which ends up on your domestic refuse bins. Under no circumstances use a simple strip based shredder and at the very least use a cross-cut shredder. A better shredder is one that cuts the paper up into confetti sized pieces, but these can be expensive. The best policy is not to print at all as you then won’t have to dispose of the hard copy.
If you are attaching to your office systems via a VPN then is is unlikely you will be able to print to your home printer. If you are using consumer tools, then you will. Either way you can take copies of documents by photographing with your smartphone from the screen and sending to people via your personal email account and you can also print the image locally. If you do this, then you have to be careful over how you store this information as it might represent a data breach by your employer that has to be reported under the GDPR regulations.
In addition, make sure that members in your household cannot see confidential information on your devices.
If you wouldn’t normally discuss work matters at home, then don’t start now that you are working from home.
Make sure your voice and video communications are private and if necessary take yourself away to another room (e.g. a bedroom) to have that conversation.
Access to your devices when working at home: When you are working on your devices at home, make sure no-one else has access to the device. Secure it with a pass-code/password and preferably set up a different account on your PC (it is reasonably easy to set up a local account under Windows 10). Only use this account for work and do not connect to your personal NAS drives/home servers/cloud services/etc.
Clear the Cache on your web browser regularly – in most browsers this can be triggered when you close the browser. Make sure any email accounts you use for work are not accessible when you login to your normal accounts. Make sure any passwords you use for work are not available to your household members as this could also be considered a breach of security that is reportable under the GDPR by your employer.
Using Cloud Services not provided by your employer: If you are a regular home-worker, your employer will have set up a secure environment and cloud services. This should not be of any concern since they will manage this for you.
If you are using services not provided by your employer (e.g. video conferencing, cloud storage, VPN) then you have to pay attention to how you use it. Again, I suggest you take a look at our guidance on using Using Cloud Services Safely.
I suggest you set up separate accounts for use at work that are separate from your personal ones. This will ensure that your family and friends do not have access to anything work related. Also make sure you apply a strong password and preferably some form of two factor authentication Our Authentication Best Practice pages will assist you here.
Securing your online accounts is something you should be doing anyway, but in case you aren’t then I recommend reading our Guidance on Authentication Best Practice as a good starting point.
Emailing confidential documents to home email addresses: If you are using a work related VPN then please resist emailing documents to your personal email addresses. In most cases this could represent a data breach and highly likely monitored by your employer. You employer may also block emails to your personal email address requiring manager approval to release the message and/or disciplinary procedures.
Also, try to resist using personal email addresses to enable remote working wherever possible. They are often not as secure as an employer provided email account.
Make sure your devices are patched: If you are using a Windows PC running Windows 10, or a Mac notebook, then you will be provided regular updates to close security vulnerabilities. It is best to ensure these updates are installed on these devices regularly.
If you have an iPhone/iPad, then Apple does a good job of keeping these updated, although sometimes with performance issues for older devices.
If you have an Android device (Phone/Tablet) then depending on your manufacturer and the level of support, you may be running an obsolete version of Android (particularly for budget devices). Even if your device has a recent version (e.g. v9), you may not be getting security updates. The best policy is to upgrade your device to a supported version. However, this is unlikely to be practical in all cases and there are a few things you can do to make your device more secure:
- Install an Anti-virus product (e.g. AVG, BitDefender) – TechRadar has a lot of reviews on such products, but again make sure you are installing a genuine version as these can be laced with malware
- Keep apps up to date by installing the latest version from the Play Store
- Do not side load apps onto your Android device
- Do not root the device, which gives you full access to the OS, but also allows hackers to bury malware deeper into your device
- Be extra careful about clicking on links as these can load malware.
The above guidance also applies to supported devices, PC’s, MACs, iPhone/iPad, etc.
I also suggest you look at the our guidance on The Dangers to using Unsupported Devices and Software.
I hope this blog post has been useful in setting yourself up to work securely at home. I will update this blog post with additional material as I either find it or think of it, so keep coming back to our site for the latest guidance.
A lot of what I have written above is common sense and should be apparent to anyone reading this our blog. However, if you know of anyone that does not read our blog, then please send them a link to our site and specifically this blog if they are working from home.
I hope you all have a good experience working form home, but more than anything a secure experience. I expect while we have this crisis tensions will become frayed among people cooped up at home. However, please be kind to each other and cooperate especially if someone in your household is trying to do a normal days work while remote from their usual office environment.
Try to use low bandwidth entertainment when someone is working to give them the best chance to get their work done. How about getting a Kindle app for your phone/device and read rather than watching videos on YouTube. There are so many alternatives to keep your mind busy and your family occupied that don’t involve using valuable internet connection bandwidth. Be creative.