Staying Safe Online While Working From Home
With the current response to the COVID-19 pandemic, many of our alumni and friends find themselves suddenly working remotely. This is resulting in some major changes to existing workflows within every sector of our economy.
Matt Hayes, Executive Director of Alumni Relations, sat down with John Sammons, Department Chair of the Digital Forensics Program here at Marshall in order to gain insight as to how our alumni and friends can work productively and safely in a remote capacity.
John Sammons, Department Chair of Digital Forensics Program
Q: John, thanks for making time to share with our alumni and friends today. What is your assessment of the response to this pandemic?
A: Thanks Matt, it’s absolutely my pleasure. From a cyber security perspective, I’ve been encouraged by the number of companies and organizations offering resources and advice to everyone suddenly working from home and perhaps without their normal level of support from their employers.
Q: In your opinion, what do you believe are the greatest risks our alumni and friends face when working remotely?
A: I think we need to look at this from a couple of perspectives. First, we need to be thinking about how we can protect our work laptops, home computers, and the data we produce. Second, we need to think about our kids and their access to technology during these days at home. Online predators certainly won’t be taking time off during this situation.
Bad actors (criminals and some nation states) are going to attempt to take advantage of this situation through a variety of means, including phishing emails.
The flow of accurate information is going to critical in the coming days as we go through this situation. There is a lot of information out there on social media that is simply false or at best misleading. People need to stop blindly sharing things on social media without giving any consideration to the source or intent. People are being manipulated into sharing content through their sympathies and political biases. We see examples of this every day.
How many posts did you see on your feed today that says “I bet I won’t get even one like” or something similar? If it’s anything like mine, there were several. We’re being conditioned to share things automatically. That is exactly what the bad guys want. Users must take some responsibility for the content that’s distributed via social media. We may not be able to stop the initial post from being made, but we can definitively stop its circulation.
Q: What specific recommendations would you make to ensure an appropriate level of security for all of our readers?
A: First, I think everyone should ensure that their operating systems and applications are patched and up to date. Second, everyone should be using some sort of anti-virus software to detect and quarantine any malicious software on their systems. Third, they should always back-up their data. Fourth, people should be using strong passwords.
A big thing people can do now (and always) is to be EXTREMELY cautious before opening email attachments and clicking on links. I never click on either of those things without knowing for certain what it is and who sent it. Always think before you click. Taking this step alone will significantly reduce the risk of malware infection.
For the kids, parents should be aware of their internet usage and communications. I would also recommend that parents discuss Internet safety with their children. They should be made aware that they shouldn’t talk to strangers for any reason. Parents should also let their kids know that not everyone is who they say they are on the Internet. This includes gaming platforms like Playstation and xBox.
Q: Are there certain software or social media platforms that we need to be more cautious with as we work remotely?
A: I would say that all have some risk. There are bad actors and predators on all of them. None of them are totally safe.
Q: Are there any additional best practices that come to mind?
A: I think people need to really be protective of their work-from-home technology. It’s going to be really important for all of us to maintain the capability to work from home.
I think people should try to keep their work computer, phone, etc. for work only. Sharing it with others, particularly children, could increase the chances that something goes wrong.
I think people just need to be more thoughtful when using technology. The good news is that much of the security risk can be reduced by changing our habits and behaviors. Thinking before we click and share will make a tremendous difference.
Q: If our readers have any questions, what are some websites and resources you would recommend for them to research?
A: There are several solid resources out there. Here’s just a few that should be helpful:
SANS Work From Home Fact Sheet – https://security-awareness.sans.org/sites/default/files/2020-03/02-SSA-WorkingFromHome-FactSheet.pdf
SANS Video on Protecting Your Kids Online – https://cc.sans.org/courses/9a6c0685-0232-44c5-9083-3f53710a867f/0/courseware.htm
OUCH! Newsletter: Securing Today’s Online Kids – https://www.sans.org/security-awareness-training/ouch-newsletter/2017/securing-todays-online-kids
We hope you found this information to be most timely and useful as together we navigate these unchartered waters. Learn more about the Digital Forensics Program at Marshall University by visiting https://www.marshall.edu/forensicsciences/dfia/
If this was helpful to you, please “Like” and “Share” on your favorite social platforms and help those around you work as safely as possible in digital spaces.