Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

3/26/2018
01:00 PM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
100%
0%

8 Security Spring Cleaning Tips for the Home Office

Use these ideas to sharpen up your home office machine against potential intruders.
Previous
1 of 9
Next

Officially, it became spring early last week, although people in the snowbound Northeast are anxiously awaiting the arrival of the actual spring weather that brings flowers, green grass, and baseball season.

So wherever you live, if you run and manage a home office, now’s a good a time to do some spring cleaning so your devices are less vulnerable to malware and potential threats. While this may seem to affect only a small percentage of workers, it’s really not the case anymore. A Gallup survey from last year found that 43% of employed Americans work from home at least some of the time.

T. Frank Downs, director of SME cybersecurity practices at ISACA, says home workers have to conduct themselves just as they would in the office.

"People have to be aware of their surroundings and operate the same way, being sure not to open up suspicious emails, weird attachments or install thumb drives that might come in the mail," Downs says.

Russell Schrader, executive director of the National Cyber Security Alliance, adds that cleaning your machine is one thing - keeping it clean is yet another task.

"Once you get your machine clean you'll want to keep it clean," Schrader says. "It's really important to keep on it, always asking if you really want to share that document or download the latest cool application you saw. The idea is to be mindful of security and build habits that will make it easier for you to keep it clean. It's like your house, once you clean it well one time it's easier to keep it clean moving forward."

The eight tips in the slideshow are based on interviews with ISACA's Downs and NCSA's Schrader. They offer some practical advice on how to keep applications up-to-date, how to handle public hotspots and keep your home router up-to-date. 

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md.
View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Arthur Heath
50%
50%
Arthur Heath,
User Rank: Apprentice
3/29/2018 | 6:22:30 PM
Great Article! Using a VPN is a great reminder
Great security tips! Leveraging VPNs is definitely a great way to protect one's data. I found another article that details the different security protocols VPNs use:

IP Security

Layer 2 Tunneling Protocol

Point-to-Point Tunneling Protocol

Secure Sockets Layer

Secure Shell

https://gizmodo.com/5990192/vpns-what-they-do-how-they-work-and-why-youre-dumb-for-not-using-one

 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
Jai Vijayan, Contributing Writer,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...