7 IT security tips for a remote workforce
Telecommuting cybersecurity
For many companies around the world, remote work has become essential to help stop the spread of the coronavirus.
Whether you’re new to working from home or your business is still adjusting, it’s important that your IT procedures don’t slip.
Without a remote worker policy and the right tools in place to mitigate risk, every remote employee can be a point of vulnerability for your IT security .
Here are 7 tips to help you and your employees work safely from home.
1.Use a virtual private network
A virtual private network (known as a VPN) creates a secure conduit for remote devices to privately access the corporate network. The VPN encrypts all communications and hides the IP addresses of employees. This greatly reduces vulnerabilities and generally makes hackers look for easier prey.
Because a VPN works behind the scenes, it doesn’t cause interruptions in productivity. Previously, a remote worker logged in directly to your network. Now they simply log into the VPN, and access the company in a simple, transparent and secure way.
2.Don’t make “temporary” changes to your firewall
Here’s the scenario: Employees are working remotely, possibly for the first time and probably on their personal devices, and they’re complaining that they can’t get on the network. To remedy this, someone decides to “temporarily” lower the firewall settings. On the surface, it worked because employees were able to access the network. Beneath the surface? Now the company is very vulnerable to cybercriminals.
Make sure your employees are clear that no temporary changes to firewall settings should be made to keep everyone safe.
3.Ransomware protection
Companies tend to think of IT breaches as hackers stealing data. They often rationalize their security decisions with the idea that there is nothing valuable for a hacker to steal. That might be true, but ransomware is something else entirely.
Ransomware can encrypt and lock your data, and the hacker often demands payment in exchange for returning it. This can greatly hamper productivity, so it’s important to be cautious. To make sure you’re protected, run malware software ; update your operating system, browsers and all software; back up your data so it can’t be taken hostage and train your employees to avoid phishing and other scams.
4.Be careful with “BYOD”
BYOD or “bring your own device” refers to a trend in the corporate world where employees use their personal devices for work. Do your employees maintain the latest malware prevention software on their own computers? Are the passwords on your personal devices as strong as those on your work devices? Have they installed any software to make it easier for them to use their own device while bypassing your security?
The answers to these questions: You don’t know. The best thing to have in place is a remote work policy that includes parameters around the use of personal devices, which brings us to the next point.
5.Write and enforce a remote work policy
A remote work policy not only helps protect the business, but also sets the right expectations for employees. Consider including the following in your policy:
- Only approved personal devices are allowed.
- Public devices such as hotel internet rooms, library computers, etc. are not used.
- Public WiFi is not used.
- Connect only to the company network through the VPN.
- Have password standards, such as not using the same passwords for personal and business accounts.
- Have approved anti-virus and anti-malware software installed on personal devices.
- Update your confidentiality agreement to include appropriate care procedures for the remote handling of corporate information.
6.Consider using a password manager
Today’s digital world requires us to use more and more passwords . Over time, they can become almost impossible to remember. To keep track, many people engage in one of three poor practices:
- Keep them simple and memorable (eg, your child’s birthday, pet’s name, etc.).
- Use the same password for everything.
- Have a Word document on your computer labeled “passwords” and record them there.
It would be relatively easy for a hacker to get the passwords from someone who does any of these three things, so some turn to password managers. These admins generate unique, strong passwords for all the different places you log in, and you control them all with one master password.
7.Encourage employees to be cautious and vigilant
Employees working successfully and safely remotely are a huge part of many businesses today. To make sure your team is protected, talk to your employees about ways they are less safe at home and what you can do to help them.
Ask them to question any strange-looking text or email. Remind them not to plug unapproved USB sticks or peripherals into their computers. Reinforce the dangers of sending personal or corporate information in an email. And most importantly, ask everyone to be cautious and vigilant.
As you can see, there are some important IT security measures to consider if you’re building or managing a remote workforce. Several managed service providers can help you overcome these challenges if you lack IT staff or equipment. But by following these seven steps, you’ll be on your way to ensuring that everyone in your organization is protected.
I’m interested
- Increase in cyber attacks in the industry since the spread of the coronavirus
- Spam campaigns related to Covid-19 spreading the Agent Tesla Trojan to steal passwords
- The 5 key elements of an optimal cybersecurity strategy for the return to work
- 7 tips to improve the security of your company on the internet if you work from home
- 5 tips to have a cybercriminal-proof password