Imagine having to explain to a client that your additional “business expense” went to a ransomware payment to recover their proprietary data. Not a comforting situation but a realistic one. As a freelancer, you pass terabytes of confidential data through your devices, router, and public Wi-Fi networks. That makes you a tantalizing target for enterprising cyberthieves looking to steal your clients’ information and identities.
Here are the top five cybersecurity mistakes you may already be making.
Not securing passwords
Secure passwords are the key to your clients’ data, so don’t follow standard password logic of using “123456” or “password”. Cyberthieves can guess even difficult passwords with specialized software, so don’t make their jobs any easier. Create secure passwords that are easy to remember and hard to guess and never duplicate passwords across accounts.
Pro tip: Download a free password manager that automatically generates strong passwords for you and remembers the ones you’ve created. Password managers also make it easier to change your passwords, something you should do every three months. Even password managers have been hacked, so be careful with this information.
Assuming public Wi-Fi is safe
Coffee shops and libraries are popular freelancer hangouts, but their public Wi-Fi connections present security concerns. Rule number 1: Never assume public networks are safe. Cyberthieves hack into public Wi-Fi networks and steal passwords, credit card numbers, or install malicious software. To swipe your sign-in credentials, hackers create fake login pages for public Wi-Fi networks. Just because it says “PublicLibrary_WiFi” doesn’t mean it’s the real thing.
Pro tip: If at all possible, do not use public networks when dealing with confidential information. If you must use a public network, before logging in, check the address bar of the public network login page and make sure it’s a secure site. It should have a padlock icon and start with “https”. There are browser extensions that will automatically check whether a site is secure and warn you before you sign in.
Not using a virtual private network
Virtual Private Networks or VPNs help secure your client’s information by encrypting your browsing data and routing it through a smaller, private network. VPN servers pass along encrypted data without identifying who sent it or where it originates, so they keep things nice and anonymous. VPNs offer encryption at every step of the browsing process — including logging into public networks — so they’re a must-have for any type of remote work.
Pro tip: Any VPN worth its salt will have updated and compliant encryption methods. Out-of-date encryption will leave you as vulnerable as if you didn’t have a VPN at all. Don’t assume your VPN server is updated. Instead, find its IP address and run a compliance test to make sure your VPN is secure.
Being unaware of physical surroundings
Even the most secure passwords and encrypted VPNs won’t help keep your clients’ data safe if you’re careless with your remote work habits. Stay aware of your physical surroundings. Thieves can steal your laptop or screen capture information with their phones. Here are a few tips to stay cybersecurity-aware while you work:
- Make sure no one can see your computer screen, keyboard strokes, or written notes
- Lock your computer’s screen when away from it
- Shred documents that contain confidential information
- Never leave private, written information out in public (Post-it notes with passwords or account numbers)
- Remove remote storage devices like USB drives, CDs, or DVDs from your computer when you’re finished accessing the data
Pro tip: Laptop privacy screens are an inexpensive way to keep prying eyes out of your clients’ private information.
Passing on free antivirus software
The biggest mistake freelancers make is not taking advantage of free antivirus software. The best VPNs in the world won’t keep you from clicking on a phishing email or downloading malware. Cyberthieves use computer viruses like trojans and botnets to deliver data-destroying ransomware. With ransomware, you have to pay up or lose your clients’ data, which can lead to losing the client as well. Downloading free antivirus software increases your chances of avoiding these situations.
Pro tip: Some paid versions of antivirus software have built-in password managers and VPNs.
This story was submitted by Luis Corrons of Panda Security and does not constitute the views or opinions of Upwork.
The post Top 5 Cybersecurity Mistakes a Freelancer Can Make appeared first on Upwork Blog.