This document breaks down a few basic and intermediate areas for securing your digital devices and router infrastructure while working remotely.
- Important documents, thumb drives, and other devices are locked in a safe or file cabinet, which is mounted to something that would be difficult to carry out of your house
- When working outside of the home on an untrusted wi-fi network, you use a trusted VPN solution to connect to the internet
- The default password on your internet router has been changed to a robust one (such as a 20-character random password stored in your password manager)
- You use dedicated work machines for work and personal machines for personal use
- Semi-trusted devices such as cloud-networked devices are connected to your Wi-Fi Guest network
- Guests are restricted to your Wi-Fi Guest network
- You use a robust Wi-Fi access point password, such as a 20-character random password saved in your [ ] Password Manager, and enforce modern encryption (WPA2-PSK with AES or greater)
- You have disabled WPS on your Wi-Fi router
- You have disabled Universal Plug-N-Play on your Wi-Fi router
- You have enabled any firewalls and DoS protection mechanisms on your router
- Important documents once used are shredded
- When possible, you use an ethernet connection to your router instead of Wi-Fi
- Your work machines are network segmented from other devices at home, such as through the use of the Three Dumb Routers setup or Guest networks with networking disabled between devices
- https://www.lifewire.com/wireless-home-network-security-tips-818355
- https://choosework.ssa.gov/blog/2020-01-30-working-remotely-home-office-safety-and-security
- https://blog.fentress.com/blog/physical-security-tips-for-the-home-office
- https://www.consumer.ftc.gov/blog/2020/03/online-security-tips-working-home
- https://www.computerworld.com/article/3532352/12-security-tips-for-the-work-from-home-enterprise.html