How to Protect Your Business While Working Remotely
How safe is your data?
With nations around the world locked down because of the Covid-19 Pandemic, businesses are being forced to find new ways of operating. For many offices that use computers as their main tool, there is the option for employees to work remotely from home.
On a surface level, while there are challenges, this can mean that some businesses are able to continue operating in a similarly normal capacity. However, there is a significant shift in the resilience of an organisation’s online defences, if they are not updated to match the new working environment.
There are certain best practices that individuals and businesses can make use of to protect their employees and critical data. This article will go into some strategies that should be used to keep your data safe, as well as some of the threats to look out for.
Pre-lockdown security measures
There are some security measures that a business would have likely implemented already, mainly when working within the office. This includes firewalls, Domain Name System (DNS) and Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS). However, once a business’s employees have been moved to multiple locations outside of the office, like in the current situation, with many working from home, these security features might not provide an adequate amount of protection.
Security: Use a VPN
One of the most effective new defences a business can put in place is a virtual private network (VPN). This can provide a secure network for remote workers to connect their computer to the company’s system.
There are a few techniques that need to be used when getting a workforce to use a vpn. The first is to make sure that everything should be updated to the latest software. This means VPNs, devices used on the infrastructure, and devices used for work, will all have the latest patches and security updates.
Threat: Brand Imposters
One of the biggest topics in the media in recent years has been fake news and misinformation. With the coronavirus outbreak, there has been a proliferation of campaigns that have imitated trusted sources like governments and welfare organizations. People often follow these organisations recommendations without much persuasion, making impersonating them a powerful deceptive trick.
One of the most effective cyberattacks that impersonates these organisations are phishing campaigns. Using respected organisational bodies as a cover, people can be compelled into downloading malicious software by accident to their work devices.
One of the ways to identify phishing campaigns is to closely look at the content of the messaging. Are there any spelling mistakes? While this isn’t a perfect screening process, it can provide a quick level of insight. If you do suspect something is malicious, do not click or open any links until you can verify with security personnel if it’s safe.
Security: Use secure Wifi
The connection between a device and the internet can be a weak point and vulnerable to attack. An employee and business should always connect through private home networks that are secure. This means they should avoid public networks. Cybercriminals are able to intercept data on unsecured public networks, this puts both personal information at risk, as well as business data.
Security: Remove Unknown Devices
If there are any devices such as harddrives, usbs and peripherals, they should not be connected to any hardware related to the business.
Security: Multi Factor Authentication
For high security areas, multi factor authentication should be implemented. This means that to gain access to an area, a user must authenticate their identity in multiple ways. For example, this could mean with a password and then a unique code sent to their mobile. This prevents a thief from gaining access to a network by stealing a single piece of hardware.
Ensure that all employees know the risks that they face from working remotely. Create a document to outline the different types of threats and how to identify them. Outline step by step best practices, making sure that everyone using the network understands the correct procedures.
Data is an extremely valuable possession. For cyber criminals there can be large sums of money to be made by stealing private data for both individuals and organisations. To stay one step ahead of the criminals, it’s important to keep hardware fully up to date and follow the industry recommendations. These can change rapidly with the advent of new technology, so regularly doing your research will ensure your business is safe for years to come.