By DeVry University
November 29, 2021
7 min read
Cybercrime is something every member of the workforce, whether working in an office environment or at home, should be concerned about.
There has been a recorded increase in cybercrime over the last couple of years. As more of our devices are connected through the internet, hackers are becoming more sophisticated. According to the website Statista, in fiscal year 2020, more than 30,000 cyber security incidents were reported by federal agencies in the United States, an approximate 8% increase from the previous year, and the U.S. government projects that it will spend nearly $11 billion on cybersecurity for fiscal year 2023.
Cybercriminals have also demonstrated an ability to exploit the migration of the global workforce from an almost exclusively in-office environment to flexible work arrangements, accessing computer networks and stealing or corrupting companies’ data through remote workers.
What can you do to protect yourself? This article provides a practical overview and cybersecurity tips for protecting your data, and your identity, while working at the office or from home.
What is Cybersecurity?
Cybersecurity is the process of creating a system of safeguards (using software, tools and habits) to protect data and network integrity. Also known as information technology security or electronic information security, cybersecurity prevents hackers and attackers from harvesting your personal or professional data from your devices.
A good cybersecurity policy for should provide a framework for helping employees become more educated about information security protocols and aware of how to recognize and avoid threats. If your job involves using a computer and the internet, you need cybersecurity measures to protect your data.
Three of the Most Common Cyber Threats
Cybercrime involves using a computer or device as an instrument to further illegal ends, such as committing fraud, trafficking in illegal content, intellectual property theft, stealing identities or violating privacy to name a few.
The term “cybercrime” covers a wide range of activities, but they all have one thing in common – cybercriminals use various methods to break into systems and steal data. The first step towards protecting your data and devices is by understanding what kind of threats are out there.
Malware, short for "malicious software," is a term used to describe any program designed to steal information from your computer. There are many different kinds of malicious software, including viruses, ransomware, adware browser hijacking software, fake security software and spyware. Malware is developed explicitly by cybercriminals or "hackers" to intrusively steal your data.
For example, ransomware is malicious software put in your system that will essentially hold your important information hostage until you meet the hacker's demands. A ransomware attack can shut down a victim's computer or encrypt their files remotely, removing them from your control. A different kind of malware, spyware, runs quietly in the background collecting your data and sending it back to the criminal, who can then use it for fraudulent purchases or illegal schemes.
Phishing scams trick users into sharing their personal information, such as usernames or passwords, on fake platforms, such as web pages, that pose as the real thing. Using this method, scammers can acquire sensitive data like passwords or credit card information simply by impersonating a trustworthy source, as long as the victim doesn't look too closely.
Phishing also includes fraudulent emails or text messages pretending to be sent from legitimate businesses in an attempt to collect sensitive personal information. Links in the email will redirect to a fake website owned by the scammer, where your personal data can be collected.
Hacking is the process by which someone obtains and uses another person's personal data in an unauthorized way. Hackers look for weaknesses in computer systems or network security to access sensitive data. Cybercriminals who utilize hacking look for private or restricted information like your bank, social media and email account login information or passwords.
Why is Cybersecurity So Important?
While people might think that cybersecurity is only crucial for large corporations with sophisticated networks and mountains of sensitive data, it's actually a vital measure for everyone and anyone who uses a computer on a regular basis.
Cybersecurity is also important for remote workers since they work with company data, and because their home’s network may not have the same level of protection or security measures as their work’s network.
How to Prevent Cyber Attacks at Home
Working from home or from a remote location can have many benefits, but it also comes with its own set of security concerns. One of the biggest safety risks for someone who lives and works remotely is an attack on their personal computers, smartphones or other internet-connected devices. Because there are often fewer cybersecurity safeguards in place for remote workers than for those who work in an office environment, remote workers can be more vulnerable to cyberattacks using social engineering tactics.
The goal of cybersecurity is to keep your sensitive information as safe as possible by removing vulnerabilities and keeping access away from hackers. Remote workers and freelancers need to take extra precautions to implement cybersecurity measures, especially if they’re working with sensitive information.
There’s an array of cybersecurity tools, habits and software you can use to protect your devices and data from malicious attacks. It’s also beneficial to stay informed. Ready.gov has a wealth of information and tools to help consumers educate themselves on cybersecurity and what to do if targeted.
Here Are 15 Effective Tips for Cyber Security
1. Protect Your Devices
There are many methods to help safeguard your devices from cybersecurity threats, including:
- Keeping your devices up to date by turning on automatic updates to save time and to avoid missing a hardware or software update for your devices than could strengthen its security.
- Install security software on your devices for firewall, antivirus and browsing protection.
- Never leave your work or personal devices alone and unlocked in a public or crowded area, even for a moment. Doing so can leave them and your data vulnerable to theft.
- Purchase or request an external hard drive from your company that can be disconnected when you're not actively using the work files.
- Cover or disconnect your webcam when not in use to prevent hackers from potentially gleaning personal information from your environment. The same kinds of malware and viruses that can harvest data from your devices can also be used to embed software that records whatever is in your webcam’s field of vision.
- Don't connect to public WiFi networks or random hotspots unless you trust them or have antivirus software, firewalls, or a VPN running in the background.
2. Guard Your Personal Information
Keeping personal and company information secure is a vital habit to develop. Below are some cybersecurity tips for remote workers that help prevent identity theft and protect your personal information:
- Avoid phishing scams by verifying the sender before opening, clicking or replying to emails. Don’t give out personal identification to unprotected or unofficial websites. When in doubt, ask your employer for clarification.
- Avoid using public WiFi when accessing work servers or software, which may not be encrypted and can leave your device and personal information open to being hacked.
- Don’t volunteer information to strangers or new acquaintances about your job unless you know you can trust them or someone you trust can vouch for them.
3. Increase Password Security
It’s good practice to change your passwords often, randomize them and not reuse them. More ways to keep your passwords secure include:
- Using trusted password manager programs to keep track of and protect the privacy of your passwords.
- Avoid using the save password feature on your devices without added security measures, such as fingerprint identification or facial recognition.
- If you must input your password out in the open, prevent others from seeing by using privacy screen protectors while using your laptop or phone out in public.
4. Utilize Encryption Technology
Encryption technology converts information into secret codes so that only the intended recipient can read the message. Utilizing encryption technology can help you protect data from unauthorized access and potential leaks.
If you are working remotely, keeping an active virtual private network (or VPN) installed on your devices may be recommended. VPNs cloak your device’s location and scramble information transmitted over a WiFi network using encryption technology, protecting your data and preventing hackers from intercepting it.
You may want to also encrypt sensitive data on your mobile device if you use one for work, by installing mobile VPN apps from trustworthy sources.
5. Use Multi-Factor Authentication (MFA)
Multi-Factor Authentication is a security process that makes it difficult for hackers to access your devices by requiring additional identity verification steps.
Two-factor authentication (2FA) is a type of multi-factor authentication requiring two different identification types before granting log-in access. Whenever possible, use two-factor authentication log-in options on online platforms.
6. Use and Update Anti-Virus and Firewall Protection
Computer viruses are often introduced into a computer or network and spread without detection, performing unwanted and malicious actions that affect the computer’s performance and data. Antivirus software generally works in several ways – detecting viruses in computer systems, removing them, and preventing them from infecting your computer in the future. Like a house with an open door, a computer that is left unprotected by antivirus software or a strong firewall may attract intruders and thieves.
How much damage can viruses do? A few examples include:
- Slowing down the computer
- Damaging or deleting files
- Reformatting the hard drive
- Causing crashes or data loss
- Preventing the computer from performing tasks
7. Keep Software Up to Date
It’s important to keep the software and operating systems on your devices up to date. If you’ve been ignoring those update reminders, the antivirus software provider Norton offers these 5 tips:
- Updates are actually revisions in software and operating systems that can repair or patch security flaws, add new features to your devices and remove outdated ones.
- Hackers love security flaws and write code to target these vulnerabilities. Software updates include patches that cover these holes and keep the hackers out.
- Updating software and operating systems protects your Personally Identifiable Information (PII) from hackers who might be able to pick it up from emails or bank account information.
- Software and security updates will help prevent the spread of a virus form you to friends, family and business associates.
- Updates are likely to offer other benefits, like new features or a boost in speed that will make you more productive – or less frustrated about your slow-running computer.
8. Regularly Back Up Data
You probably have more important data on your computer hard drive or phone than you might realize, and a good portion of it may be irreplaceable. According to the folks at Norton, nearly a third of computer users have never backed up their device, and 70 million cell phone are lost each year. By backing up your devices you are already a step ahead of cyberthreats that might cause data loss.
What should you back up?
- Address books
- Pictures and videos
- Music files
Businesses typically have an IT department with backup systems and software in place. It’s important to know how, and how often, your employer backs up data.
Data can be backed up to a removable device like a thumb drive, an external hard drive or the cloud, depending on how much space is needed for your files. The best data backup method is the one that suits your needs considering factors like cost, the amount of storage space you need, security of your data and ease of access to your data after it’s backed up.
9. Be Cautious of Links
Viruses and malware are often spread through links in email messages. Even if the message appears to be from someone you know, you should be extra cautious and avoid clicking on any links in the message unless you’re absolutely sure the message and the link it contains are both legitimate.
10. Don’t Save Payment Information
It may be tempting to save your credit card information with ecommerce websites or in your web browser, but this added convenience could also be putting you at risk for fraud. The company storing your credit card information could be vulnerable to a data breach. Manually entering your card information each time you make a purchase might be less convenient, but it also might substantially reduce the chance of it being compromised. Consider the “kid factor” as well. Children who have access to your laptop or tablet may accidentally or intentionally make purchases without your consent using your much-too-easily-accessed payment information.
11. Avoid Unknown or Suspicious Sites
Fake websites are commonly used in phishing scams where cybercriminal imposters trick you into submitting personal information like passwords and account numbers. For example, an email message that looks like it’s from your bank tells you about a data breach and asks you to click on a link to reset your password. In this case, the crooks are wolves in sheep’s clothing, creating a false sense of urgency and exploiting your natural tendency to protect your account.
What’s really going on here? That link goes to a fake website where the crooks are waiting for you to hand-deliver your personal information right to them. To protect yourself, find out about the ways to identify fake or unsecure websites.
12. Be Careful Sharing on Social Media
Take extra security precautions and avoid over-sharing on social media. It’s a good idea to use a different password for each social media platform you use. Turning on two-factor authentication will add an extra layer of protection by requiring a code to be sent to your phone or generated by an app like Google Authenticator. It’s also a good idea to lock your phone if you must leave it unattended.
Avoiding clicking on clinks from people you don’t know in social media feeds, as they could lead to malicious websites. Over sharing on social media can get you into trouble. Be careful what you post, as cybercriminals could gather information about where you live and/or work, or when you’re not at home.
13. Avoid Unnecessary Downloads
Viruses and malware are commonly delivered through downloads. Excessive or careless downloading is an easy way to turn even a brand-new computer that’s running smoothly into one teeming with spyware, malware and other nastiness. While searching online for free software such as iTunes or Adobe Flash Player, for example, it’s easy to be redirected from their official sites to imposters that stealthily install software on your computer that you don’t want or that may be carrying a secret payload of malware.
Websites often ask you to download information or images that will help you to learn more or entertain you in some way. The simple rule here is don’t download anything to your device unless you trust the source and are sure of what you’re getting.
14. Beware of Social Engineering
Social engineering defines a category of tactics used by cybercriminals to gain the trust of their targets by using the psychology of persuasion as an old-school grifter or con man would. In a typical social engineering attack, the cybercriminal will present themselves as someone from a trusted organization – say your bank or credit card company. They will encourage the victim to take further action, like clicking through to a website where they urgently need to change their password or submit personally identifiable information.
What makes attacks using social engineering so dangerous is that fooling a single victim into taking a single action can provide enough information to enable an attack that could compromise an entire organization.
According to Cisco, types of attacks using social engineering include:
- Phishing: The most common scams using social engineering, these attacks typically take the form of an email that appears as if it’s from a legitimate source. Attackers will coerce victims into providing personal financial information or some employee login information that could be used to launch attacks against the company’s data systems.
- Watering hole attacks: In this type of attack cybercriminals set a trap by compromising a website they think is likely to be visited by a particular group, rather than targeting the group directly. Attackers compromise the website (the watering hole), single out an individual from the group, then carry out further attacks once that individual’s device has been compromised.
- Business email compromise attacks: In this form of email fraud the attacker impersonates a C-level executive and attempts to trick the intended victim into performing a common business function for an illegitimate purpose, such as wiring money to him.
15. Delete Sensitive Information When It’s No Longer Needed
The Federal Trade Commission offers sound guidance on this aspect of cybersecurity for businesses. They say if you don’t have a legitimate business need for sensitive personal information, don’t even collect it. If you do need it, keep it only as long as it’s necessary.
In addition to scaling down, properly disposing of information that you no longer need is a good policy. If you no longer have it, criminals can’t take it. Deleting files using simple keyboard or mouse commands usually isn’t enough because the files could still be retrieved from the computer’s hard drive. When disposing of old computers and portable storage devices, use software called “wipe utility programs” to wipe them from a computer’s hard drive and make them no longer recoverable.
Grow Your Knowledge of Cybersecurity
Begin or continue your education at DeVry, with our Undergraduate Certificate in Cyber Security or our Bachelor's Degree Specialization in Cyber Security.
Our cybersecurity programs are designed to help you develop the skills you need as you prepare to pursue your career. Earn your degree on your schedule, with flexible options like our 100% online classroom structure. Classes start every 8 weeks.