Work From Home Tips

In Financial Services Technology, Technology by Matsco Engineering Team

As we approach the end of the year with some clients transitioning back to the office, and some clients still working from home, we thought it would be good to write up a refresher on work from home best practices.

The following includes tips on cybersecurity, recommended hardware + software, and general technology recommendations. Be sure to reach out to your account manager if you have any questions!  

Best Practices While Working from Home

Habits to Form + Habits to Break

  • Lock or shut down your computer when not working on it
  • Limit working on mobile devices
  • Do not download unknown software or click on unknown/suspicious links
  • Do not save passwords or any confidential information locally to browsers, hard drives, or removable storage devices
  • Perform software and Operating System updates regularly
  • Do not give access to your computer to anyone, including family members
  • Close browsers and applications used daily
  • Remain vigilant when opening e-mails or clicking on links and URLs (always check the source of links and odd-looking emails)
  • Shut down any VPN connections (if applicable) when not in use
  • Do not print or make copies of confidential data or business information
  • Keep your access credentials and passwords safe
  • During video calls, avoid oversharing your screen and be mindful of your background

Recommended Security

  • Ensure you have updated anti-virus and anti-malware on your computer
  • Install a firewall device to protect the network environment (note: recommendations vary based on budget and hardware availability)
  • Provision a Static Public IP from your Internet Provider to allow a dedicated site-to-site VPN to be configured (if applicable)
  • Only connect to office devices/shares over a secure VPN connection only (if provisioned by IT)
  • Install a secure Wi-Fi environment within the environment (full encryption on traffic)
  • Engage Matsco to remove bloatware and adware from your desktop / laptop
  • Make use of web filtering solutions to scan websites and traffic for malware to ensure you have the same safety at home as in the office
  • Harden your mobile device security, including turning on and configuring encryption, and enable “find my device” and remote wipe
  • Invest in a webcam cover, or unplug external webcams when not in use

Email Security

Emails are essential for communication yet remain one of the easiest means of communication to exploit and compromise.
The UK’s National Cybersecurity Centre (NCSC) has made numerous recommendations for helping protect staff while working from home, including in the use of emails. As well as calling attention to phishing scams which are becoming more prevalent, they advise the following measures for protecting email accounts:

  • Ensure devices encrypt data while at rest, which will protect email data on the device if it’s lost or stolen. Most modern devices have encryption built-in, but encryption may still need to be turned on and configured.
  • Beware of phishing attacks which appear to be taking an ever-growing number of forms.

Working from Home Security Tips for Employers

Employers should consider the following when staff is working from home:

  • Do you have a documented work from home security policy?
  • Do you have a BYOD (Bring Your Own Device) policy?
  • Do you provide cyber security awareness training to employees?
  • Do you train staff to be alert to phishing attacks and how to avoid falling victim to them?
  • Are you ensuring that staff use a VPN, and is this set up correctly and kept up to date with security patches?
  • Is the platform you use for staff video teleconferencing secure with end-to-end encryption?
  • Are you requiring that any files saved locally are replicated back to the office through either VPN to the file server, Egnyte, or OneDrive?
  • Do you use mobile device management requiring strong and safe passwords on mobile devices?
  • Is two-factor authentication required to validate credentials for all business systems?
  • Do you use web filtering and mobile device management to ensure staff uses corporate email solutions for the storage or transmission of corporate data?

Matsco Recommended Solutions and Software

  • Multi-Factor Authentication
    • Cisco Duo Access
    • O365 Multi-Factor Authentication
  • Web Filtering
    • Cisco Umbrella
    • Forcepoint WebSense
  • Email Filtering and Security
    • Mimecast Secure Email Gateway
    • Sophos Email Security
  • Anti-Virus
    • Sophos Central Intercept X
  • Archiving Services
    • Mimecast Archiving
    • Smarsh
    • Global Relay
  • Endpoint and Mobile Device Management
    • Microsoft 365 Endpoint Manager
    • VMWare Airwatch
  • Recommended Workstation/Laptop Models
    • Business-level Laptop / Desktop that supports Biometric Security
    • Windows 10 Professional OS
    • Encrypted SSD hard drives
  • Laptops
    • Thinkpad X1 Carbon
    • Thinkpad T490
    • HP EliteBook x360
    • HP EliteBook 840 G7
    • Dell Lattitude 9420
  • Desktops
    • Dell Precision 7920
    • HP Z2 Workstation
    • HP Z4 Workstation
    • HP EliteDesk 800 G3

Share this Post