Many of us are still working from home due to the Corona pandemic, and up to 20% of companies want to keep the home office option “after Corona” open.
However, some grave mistakes can be made at home, which in the worst case can result in company data or even the company network being compromised.
We now show you the six most common mistakes in the home office – and how you can avoid them!
The 6 most common mistakes in the home office
Everyone is an administrator
- Daily work is carried out with a user account with administrative rights in order to “be able to install something yourself”. Administrative rights are also the starting point for malware infections (malware, encryption Trojans, etc.)
- Better: Strict separation of administrator and user accounts!
Email attachments: “just open them!”
- In December 2019, an average of 153 billion emails were sent every day (!) with malware or as spam (Source). They exploit gaps in the virus scanner or arrive as supposed documents (PDF, Word, PowerPoint, Excel, …), but actually run a script!
- Better: Never click on attachments from unknown senders! If the sender is known, but the email is suspicious, then ask in a new (!) email whether the attachment really came from them (keywords: distribution via the address book).
Unknown networks – surfing in the cafe around the corner
- Open WLANs are “open”, i.e. every user can see the computer of all other users. Sharing can be used because they are usually open to “everyone”.
- Better: The same applies to networks: do not just log in or plug in anywhere! If possible, do not use public WLANs, hotspots etc. It is much better to connect via your cell phone (with a data rate) and maybe surf a little slower but still be safe. Never exchange data over an external network without encryption. Secure your own W-LAN at the very least with WPA2 (router setting).
Working and surfing over the web
- Browsers are the gateway for so-called “drive-by downloads”. You don’t even have to click or download anything, because this malware explicitly searches for vulnerabilities in the system and exploits them. Average time to infection: 0.5 seconds (Source, pdf).
- Better: Do not visit unknown websites! Do not download from unknown sources! If you suspect something: switch off the PC (do not shutdown, switch off the power!) then get help!
“Oh look, I found a USB stick”
- USB sticks can not only run a program automatically, they can also use special hardware to install malware or destroy the computer. A smartphone is also a USB device! And even an e-cigarette can transmit malicious software (BSI: “Smoking is harmful – also for your computer: e-cigarettes as Trojan Horses”).
- Better: Never insert unknown USB sticks into the PC! Ideally, USB ports should simply be deactivated. Charge your USB devices using only normal chargers, not via the PC!
Passwords – Why 123456 is NOT a password
- The Hasso Plattner Institute analyzed the top 10 passwords in 2019 based on stolen user accounts (Source, German only). Number 1 worldwide (seven years in a row): 123456. The main problem is the use of the same password for all accounts, meaning anyone can usually open all your other accounts with it too (“Forgot password” function).
- Better: length does matter! Machines don’t care about the characters themselves, so always use long passwords! Always use a different password for each account! Use a password manager to a) store passwords securely and b) generate secure passwords.