Homeworking is evidently going to be a big part of the future – far beyond COVID-19. However, it’s not as straightforward as making sure your team has the right technology and a good office set-up. For remote working to work in the long term, robust security measures need to be at its core.
1. Educate your staff
No matter how much they might seem to be in the public consciousness, you can’t expect all staff to know about key cyber security risks. It’s your responsibility to ensure they’re aware of these, along with the necessary processes for keeping safe online.
Make sure all team members (including new starters) are trained on the usage of devices from a remote location. This includes storing documents securely and reporting any incidents in the right way. Put everything in writing (for example, in a remote-working policy) so they have something they can always refer to.
2. Get the basics right
Anyone working from home devices should have at least the foundations of homeworking security in place: antivirus and security software. Any privacy tools and browser add-ons should be updated regularly too.
If staff need new accounts, or access to any systems or devices (including home devices), then these should have strong passwords and two-factor authentication at the very least. You should also check their connection is secure, and that there is an effective data backup system in place.
3. Protect VPNs
The majority of employees will now be using virtual private networks, or VPNs. That means it’s important to be aware of any phishing attacks that attempt to steal these account credentials. You’ll want to look through logs to identify any compromises of VPN accounts – irregular usage patterns will be the key indicators here.
Multi-factor authentication can safeguard VPN accounts from unauthorised access. A 2019 Microsoft report found that these stop around 99% of all account takeover attacks – including those where the credentials were correct. You should additionally make sure any new VPN servers are patched.
4. Implement mobile device management
Set up devices with a standard configuration, and ensure that you can action anything – – like locking them, erasing data, and retrieving a backup – remotely too. That way, if the worst does happen, then you should at least be able to minimise the damage and ensure business continuity.
Monitoring remote connections and system access should be a consideration as well. You’ll be able to reduce the risk to your business’ technical infrastructure and data. This leads us on to our final tip…
5. Minimise data risk
Even household names get cyber security wrong – Yahoo, Superdrug and Butlins, to name just a few. Whilst your business may not necessarily end up in the headlines, a data breach can cause irreversible damage. It’s not uncommon for a business to close after suffering a knock to its customers’ trust.
Therefore, do what you can to give your data the utmost protection. Although online storage can be incredibly valuable, this should only be where necessary. If data does need to be put into the cloud, it should be effectively encrypted to ensure that it’ll be kept safe if it’s lost or stolen.
Secure your business whilst remote working
For peace of mind that you have the right level of security in place, make sure you have the right training and standards in place – like our Information & Cyber Security certifications.
Working towards these accreditations can help you implement robust security management, minimise risk, protect data, and increase customer trust. Not to mention, you can ensure your business meets GDPR requirements.
To discover more information about our data-handling training, get in touch with us today.