Working from home has become the norm, and it’s not going away anytime soon. How do we secure our Windows computers when working outside the office? As you’ll find out, it’s much more than using a VPN or having a strong password.
Don’t Skip the Cybersecurity Awareness Programs
Many companies will provide you with a work computer to use when working remotely as part of your job, but Bring Your Own Device (BYOD) policies are also common. In both cases, you’ll need to know how to protect your computer. Many companies also have cybersecurity awareness programs that teach you how to maintain your security and develop good security habits when working from home.
Cybercriminals are constantly improving their tools and technologies, building more sophisticated strains of malware, and new security vulnerabilities are always being found and exploited. So it’s essential not to skip these cybersecurity programs, no matter how “basic” they may seem. Everyone is a target, no matter how much security we’ve got in place—from large businesses to the average Windows user. Building awareness and knowledge about how to protect against cyberattacks is the first line of defense.
Use Windows Firewall as a Shield
In a basic sense, a firewall works as part of your security to shield your network by acting as a filter that works around the clock, scanning data and keeping anything suspicious from coming through. Fortunately, Windows has a firewall already built-in and is automatically turned on for most users.
To double-check that it’s turned on, click the Windows Start menu (or use the keyboard shortcut Windows+i), and search for Firewall.
A window will appear and show you if the firewall is turned on or not. In this case, it’s turned on:
Keep It All Up to Date
It’s vital to keep your Windows up-to-date and ensure any other applications are also up-to-date. Software updates often have security patches, which are fixes for bugs or vulnerabilities that the developers have fixed. To get the latest security patches, it’s essential to stay updated; otherwise, you risk leaving your computer vulnerable.
Microsoft has enabled automatic updates for both Windows 10 and 11. If an automatic update fails for some reason, you can install updates manually on Windows. However, for other applications such as Microsoft Edge, Chrome, and others, you’ll need to manually update.
Confirm Your Antivirus Is Working
Windows Security includes an antivirus that actively protects your device from the moment you turn it on. It continually scans for malicious software, viruses, and other security threats. To check that this is turned on, click the Windows Start menu and search antivirus:
Once the window opens, you’ll be able to see when the last scan was:
Strong Passwords Are Still Crucial
Password security should not be underestimated; ensure that all your passwords are unique and carefully picked to prevent unauthorized access. But what exactly makes a strong password?
A strong password is complex and unique. Don’t use the same password for anything else and make sure your passwords are a combination of special characters, letters, and numbers, and that it doesn’t follow a predictable pattern, e.g., “123.” The longer the password, the better. You should change your password frequently and avoid using any abbreviations of your name, date of birth, pet’s name, or similar information.
One classic mistake is leaving physical copies of your password around your workspace. You can use a reputable password manager to store your passwords. Never share your password with anyone.
Use Multi-Factor Authentication (MFA)
Multi-factor authentication is another account security measure where you are required to verify your identity in more than one way when logging in to an online account, including using your password. Some options include scanning a fingerprint or entering a security code sent to the user’s phone or email.
Aside from having a good password policy, there are other ways for unauthorized access through account login. If one type of login is ever compromised, having multi-factor authentication setup gives you another layer of account security. This makes it harder for unauthorized users to gain access. I recommend using MFA where possible. This includes and not limited to, email accounts, banking, and financial apps, as well as social media.
Don’t Plug in Random USBs
Many IT teams now have a USB-blocking policy in place to prevent employees from plugging in USBs. However, if you’re still able to insert USBs or other external drives, be cautious. Malware such as ransomware can spread through these devices, and all you have to do is plug it in. Avoid inserting USBs and other external devices that do not belong to you.
This also applies to installing any unapproved software. Many companies have a list of approved and allowed software for their employees, so make sure to ask the relevant department.
Say No to Torrents
When working from home or using work-issued devices, stay away from torrents and pirated material. Not only is it illegal, but pirated content often comes from unverified sources, making it a common vector for malware. I recommend avoiding streaming or downloading content that does not come from a trusted source, since it may also contain malware. Online scams are also on the rise.
Avoid Public Wi-Fi as Much as Possible
Not all Wi-Fi networks have the same level of security; some are weaker and can be susceptible to cyberattacks, such as man-in-the-middle attacks (MITM). Public Wi-Fi networks, such as those in coffee shops or libraries, are notorious for having weaker network security and should be avoided as much as possible.
If you need to connect to public Wi-Fi, use a trusted VPN. A VPN can give you an extra layer of security because it will encrypt the traffic between the connected device and the network. Using personal hotspots by connecting to your mobile network can also be a safer alternative.
Physical Security Is Just as Important
Don’t forget to be security conscious of your environment. Ensure your work-from-home setup is in a private environment and that you turn off your computer completely after you’re done using it. If you’re going on a quick break, you can lock your screen (by pressing Windows+L as a shortcut), but there are also other ways. You’ll be prompted to enter your password to log back in to your computer.
Windows security doesn’t have to be complicated, but since cybercriminals keep us on our toes, having a combination of good security practices can give us a slight edge in staying secure.
