{"id":2336,"date":"2020-03-26T14:18:00","date_gmt":"2020-03-26T14:18:00","guid":{"rendered":"http:\/\/blogs.kent.ac.uk\/unikentcomp-news\/?p=2336"},"modified":"2020-05-14T10:17:44","modified_gmt":"2020-05-14T09:17:44","slug":"working-from-home-risks-online-security-and-privacy-how-to-stay-protected","status":"publish","type":"post","link":"https:\/\/blogs.kent.ac.uk\/unikentcomp-news\/2020\/03\/26\/working-from-home-risks-online-security-and-privacy-how-to-stay-protected\/","title":{"rendered":"Working from home risks online security and privacy \u2013 how to stay protected"},"content":{"rendered":"
GaudiLab\/Shutterstock<\/a><\/span><\/figcaption><\/figure>\n

Jason Nurse<\/a>, University of Kent<\/a><\/em><\/p>\n

Remote working can be a blessing. More time with family, less commuting, and meetings from the comfort of your living room. But as millions across the world switch to working from home due to the COVID-19 pandemic<\/a>, they may be putting the security and privacy of themselves, their families and their employers at risk.<\/p>\n

Many will be using online collaboration tools, such as Zoom<\/a>, Slack<\/a>, and HouseParty<\/a> to stay connected to colleagues and friends now that physical contact is restricted.<\/p>\n

Zoom, the most popular of the video calling platforms, allows call hosts to track attendee attention<\/a>, and in particular, whether you are in the Zoom window (as opposed to checking email or playing a game, for instance). Zoom also collects a host of other personal information<\/a> such as each caller\u2019s location data, operating system, IP address, and what kind of device they\u2019re using, whether it\u2019s an Apple Mac, iPhone, Android or Windows device.<\/p>\n

Zoom has had its share of security problems. A now-fixed software bug<\/a> had allowed anyone to find and join a meeting. There was<\/a> also a problem with its software<\/a> which could have resulted in any malicious website turning on your camera and watching you unawares. And Zoom Bombing<\/a> is now a thing. It involves trolls using Zoom\u2019s screensharing feature to display vile content, including violent videos and shocking pornography.<\/p>\n

\"\"
Video conferencing apps give colleagues a glimpse into your living space. But who else might be watching?<\/span>
\nNew Africa\/Shutterstock<\/a><\/span><\/figcaption><\/figure>\n

Another popular tool is Slack, which as it states<\/a>, \u201cis the place for remote work\u201d. A core feature of Slack is its channels. These are spaces to share messages and files with colleagues on particular topics and projects. While paid accounts have some control over how long their channel or private message data is kept by Slack, free accounts are much more limited<\/a>. This could mean that your messages (including direct messages complaining about your boss or a colleague) are accessible to others, even if they aren\u2019t to you.<\/p>\n

For many people, working remotely is a completely new experience. Some are celebrating the novelty by using the #WorkFromHome<\/a> hashtag on social media, and sharing posts that include photos of home office setups, and friends and family members.<\/p>\n

This may seem benign, but it can actually expose a variety of sensitive personal information<\/a> about you and those around you.<\/p>\n

For instance, posting photos of homeworking setups, which happen to include letters, post or Amazon packages, can publicise your home address. Sharing photos and names of family members or pets may provide hints about your passwords<\/a> or even expose your location<\/a>.<\/p>\n

The now popular practice of sharing screenshots of Zoom work group chats<\/a> or HouseParty<\/a> video hangouts<\/a>, also has its privacy risks, given the fact that companies have been known to indiscriminately gather the photos we share online<\/a> and use them without our permission. This means anyone could match offline photos of us directly to our online profiles on Twitter, Facebook or LinkedIn. Some companies have even been known to use our photos in adverts<\/a>.<\/p>\n

Well-equipped cyber-criminals<\/h2>\n

Largescale remote working is a security nightmare for employers<\/a>. As remote access to corporate networks is rolled out, cyber-criminals have their pick of places to attack.<\/p>\n

Cyber-criminals are well aware of this, and have already begun to launch targeted attacks. According to the latest statistics<\/a>, coronavirus-related fraud reports have increased by 400% in March alone. There have been scams for COVID-19 tax refunds<\/a> and others impersonating the Centre for Disease Control to request donations<\/a>.<\/p>\n

Criminals have impersonated staff from the World Health Organization (WHO)<\/a> and there have been extortion emails<\/a> that threaten to infect recipients with coronavirus unless they pay up. Even coronavirus outbreak and infection-tracking maps are being used to spread malware<\/a>.<\/p>\n

These problems are made worse by the reality that many of us will be using personal, and potentially less secure home devices, such as laptops, phones and USB drives, for work tasks. Most people aren\u2019t accustomed to maintaining workplace security practices<\/a> over long periods in our homes, with kids, distractions and other commitments.<\/p>\n

 <\/p>\n

How to stay safe<\/h2>\n