Introduction
There has been an increase in the number of remote workers due to the current global pandemic. Many organisations were forced to shift to telecommuting or remote work models in the hopes of lowering the risk of contagion.
Unfortunately, with a lot of people now going online for work, cyber security incidents have also spiked. Many organisations do not have the right infrastructure and security measures to support a significant number of people working from home at the same time.
Aside from this, organisations like healthcare facilities are now transitioning to electronic records. This makes the loss of private medical information concerning for everyone involved. Thankfully, managed IT services providers can help organisations protect their network.
Since everything on the web can potentially impact data privacy and personal security, organisations need to put in place a robust IT infrastructure and establish security guidelines to address these issues.
We’ve put together a list of top tips that will help organisations comply with the cyber essentials scheme and ensure that their remote employees work securely.
-
Implement Virtual Private Network
A virtual private network or VPN can establish a secure tunnel between browsers and servers. It encrypts data packets before delivering them to a designated server, hiding the user’s IP addresses and location.
Employees who work from home should use a VPN to improve online privacy. Since a VPN encrypts your internet traffic, it’s hard for hackers or unauthorised people to intercept your data, either on the internet or even at home! Ensure that the VPN you are using is exclusive to your employees so they can access company information systems securely.
-
Secure Internet Connections
Ensure that the internet at home is secure. Many people tend to be complacent about their Wi-Fi connection since they do not think somebody would hack them at any given point. But with many hackers trying to penetrate various systems these days, it is better to be safe than sorry.
Do not leave your home network susceptible to cyber attacks. Remote employees need to take simple actions to prevent malicious parties from accessing connected devices. Change your home router password from it’s default, same applies to your home Wi-Fi password. Also, make sure firmware updates are installed so that security vulnerabilities are promptly patched.
-
Use Strong Passwords
It is more critical than ever to protect your accounts with robust passwords. However, it’s understandable that you cannot memorise complicated passwords when you are using multiple online platforms. To make this task bearable, you can use a password manager.
This software can safely record the login credentials of your online services. Instead of remembering each set of credentials, this system keeps everything in a single location and lets you access it through one master password. It uses security measures such as AES-256 encryption to prevent exposure to digital threats.
Also, ensure that the “remember password” function is turned off especially when employees are logging into company information systems.
Password managers can also be used to share online password e.g Social Media accounts etc. We ourselves use the password manager called LastPass – they offer a free version.
-
Apply Two-factor Authentication
Aside from using strong passwords, organisations should also deploy two-factor authentication or two-step verification before employees can access sensitive data. This could come in the form of an email, text message, biometric method or one time password (OTP) – this is our recommended solution. This adds an extra layer of protection to private accounts.
-
Create Backups
You need data to run your organisation and serve your clients without any issues. However, there are no guarantees that your data will always be there. As such, critical files must be backed up regularly. When you have duplicate copies of your files, you can continue with your operations even when your data becomes irretrievably lost, or your system is compromised. Managed IT services can help you backup your data so you can restore files right away.
This also helps you combat any ransomware events as you can simple restore from your latest backups.
-
Activate Firewalls
Firewalls serve as the first line of defense to prevent cyber attacks from getting into your company’s network. They create a barrier between a private device and the internet, conducting quick assessments to identify malicious components such as malware. It determines whether to allow or block incoming and outgoing traffic.
By using firewalls, malicious programs are restricted and data breaches are reduced. Your employees’ computer and home router typically have a built-in firewall. Just make sure that they are enabled at all times.
-
Install Antivirus Software
Verify that your device has a running, fully updated antivirus software. If not, managed IT services can help you choose great security software for your company and conduct penetration testing to evaluate the system’s overall security. Antivirus can detect and fend off malware and other malicious activities. Even if the malware finds a way to get into your employee’s device, antivirus can still eliminate it or worst case reduce it’s impact.
Our favourite Antivirus Product is Panda Adaptive 360.
-
Use Encrypted Messaging Apps
When communicating sensitive information, your employees need to use encrypted messaging services. Without end-to-end encryption, your conversations can be accessed by cybercriminals and other malicious actors focused on stealing them.
In particular if you are sending sensitive files over the internet via email, consider using Office 365’s Share feature rather than sending the file as an attachment.
-
Educate Employees
Cyber criminals are taking advantage of the telecommuting situation and are creating emails to steal personal information or gain access to business email accounts. In response to this, organisations should train employees to spot and handle phishing and other forms of social attacks. Employees should be wary of suspicious emails, especially when these come from people they don’t know. Instruct your employees to double-check the information with their colleagues when in doubt.
-
Report Problems
Report to the your IT support team right away if you encounter anything suspicious while working remotely. Once security analysts confirm a cybersecurity incident, they can implement appropriate solutions to stabilise the situation.
-
What to do with your devices?
Instead of using home computers, organisations must try to provide devices for all employees. Using personal computers can be risky as they do not have the same protections as work devices, nor the same capabilities to monitor activity.
Home computers often lack strong security tools, customised firewalls, and automatic online backup tools. This increases the danger of malware, infiltrating both personal and work-related information.
Many employees also tend to use smartphones or tablets for work-related tasks. In these cases, organisations should use a Mobile Device Management (MDM) and Mobile Application Management (MAM). These help them manage and secure devices and applications by implementing several security measures, including data encryption, virus scans, and deleting data on stolen devices. Also, consider installing a mobile security solution that can provide your team with endpoint detection.
Final Thoughts
From having the right technology to ensuring your team’s security, remote working has its own set of challenges. As most employees now work from home, all organisations need to deploy the necessary infrastructure and applicable security guidelines to reduce their cyber threats exposure.
Thankfully, you can outsource your managed IT services to keep your digital assets secured. With them by your side, you’ll have peace of mind knowing that your unique IT requirements are met.
Pingback: Cyber Essentials Changes for 2022 | CyberSecuritiesUK