Business owners and staff from every industry are in the process of adapting to the realities of working from home. While there had been reports of the cost benefit and positive effects on a remote worker’s mental health (and now videos parodying occasionally ridiculous virtual meetings,) but until recently there was much less information about remote cybersecurity.
As we are grappling with the Covid-19 coronavirus pandemic, the need to implement cybersecurity policies for remote workers is becoming the new normal. Many businesses have overlooked their cybersecurity while scrambling to make these tough decisions. We highlight some concerns and strategies to minimize your security exposure.
Why Do I Need Remote Cyber Security?
While most businesses focus on securing their network, many overlook the cybersecurity issues related to remote staff. Home networks and personal PCs are generally not as secure as a business environment supported by an IT department. You’ll need to implement a cyber hygiene protocol that goes beyond basic antivirus software when remote access to business technology is needed.
Cybersecurity Considerations for Remote Staff
Before we get into the solutions, let’s take a look at some of the potential issues needing to be dealt with.
Firewalls: Most home networks do not have the robust features that an enterprise grade firewall will have. They also do not provide the continuous security updates, patching, web traffic filtration, and monitoring you receive from a dedicated IT staff.
Personal Computers: Without proper preparation, remote workers may be forced to use their own workstations instead of those provided by their employers. Personal devices may not have the security tools in place you have implemented for your business computers. This leaves you open to exposure you would never allow in your business network.
Security Policies: Has your staff been trained to access your business network using secure methods? Has a VPN been setup for your remote worker’s devices to ensure secure connectivity to your internal network? Have permissions and restrictions been put in place by your IT department ahead of time to prepare for these contingencies?
Access: Does your staff have the ability to reach all the information and tools needed to do their job? Whether it is QuickBooks residing on an on-premises server or graphic files needed to complete a sales presentation, you will need to ensure staff can securely access the data they need to be effective.
Network Security Assessment: Does your IT department run a network security assessment regularly to determine who or what may be connected to your network? It is easy to become too comfortable when your business has been relatively unscathed from cyber attacks. Over time, devices are slowly added to the network. Your IT department should be able to identify these and ensure that there are no unprotected devices on your network. Staff should only use approved devices on the network and any mobile devices should be isolated on their own network by VLAN or other methods.
Cyber Security Tools and Techniques to Protect Remote Workers
Now that we have learned about some of the issues to be aware of with a remote workforce, let’s take a look at some of the solutions.
DNS Protection: By redirecting your mobile user’s web traffic through a cloud-based DNS security solution, you can enforce web access policies, ensure regulatory compliance, and stop threats without interfering with the VPNs, firewalls, and other network security tools already in use.
PC Threat Monitoring: Beyond antivirus protection, endpoint monitoring can provide Windows and macOS event log monitoring, breach detection, malicious file and process detection, threat hunting, intrusion detection, and more.
VPN Connectivity: Securing remote connections to your business network is a priority. Creating a VPN provides a secure tunnel from the remote device to the business network to ensure there are no available entry points for bad actors to exploit during connectivity.
Secure File Sharing and Cloud Collaboration: Collaboration is critical to a remote workforce so be sure to provide an encrypted cloud environment for team members to share and collaborate on files. Secure file sharing can eliminate much of the need to connect directly to your business network which minimizes exposure.
PC Backup and Data Protection: With a remote workforce it is critical to make sure all devices are being backed up to the cloud to protect data against loss, breakage or cyber-attacks such as ransomware. Ensure any lost data can be quickly recovered to minimize the associated costs to your business.
E-mail Spam & Phishing Protection: With phishing now the leading entry point for cyber attacks, it makes sense for any business to implement e-mail security. Inexpensive tools such as Proofpoint make it much more difficult for attacks to reach you and your staff. The added benefit of course is that you save precious time and sanity by limiting the amount of spam you have to comb through daily!
VOIP Phone Solutions: Voice over IP is not a security measure but is perfect for workers that spend time working in both the office as well as remotely. Because extensions can be forwarded to a remote workers cell phone, you can ensure all inbound calls are captured and directed as needed.
Summing Up the Move to a Remote Workforce
Remote work can be both liberating and rewarding. No matter the reason you are moving your staff in this direction, take time to consider your current IT strategy. There is no reason why working from home needs to be any less secure. As long as you are applying the same care to your staff’s security as you would while they are onsite you should be fine. If you are concerned that you are not as prepared as you would like, reach out to an IT professional. Amicus MSP provides free initial consultations to answer any questions you may have.
For more information on how Amicus MSP can help your business, click here. or call us at (800) 804-1477.