Working from home (WFH) became the norm this last year for many businesses and many companies will not go back to the pre-COVID workplace. Instead, a new hybrid workplace will become the norm, with some employees in the office, others working remotely and still others doing a mix of both. But what about remote work cyber security?
The new “office” environment means a change to your endpoint cybersecurity structure. With so many “endpoints” in different locations, there needs to be the strongest cybersecurity possible to protect all data. (An endpoint is any device that is used to connect to your network. Phones, computers, faxes, servers — whether in your office, at home or in the cloud — are all examples of endpoints.)
Here are the things you need to support a hybrid workplace.
Good Video Conferencing Equipment
When you hold meetings with in-house staff as well as remote, you simply cannot skimp on the technology. If you do, you will likely drive yourself and everyone else crazy. But no worries: Exceptional video conferencing is reasonably priced these days and well worth the investment.
Physical Security Equipment
Look into what kind of physical security you have. Is it time to invest in video surveillance of your offices because they are often left emptier than previously — whether that’s because of the COVID situation or because your employees have to do a lot of traveling for work? Also consider security devices like laptop locks for your frequent travelers.
A Virtual Private Network (VPN)
A VPN network is a secure link between your data and the internet. Once you have your own VPN, all your data traffic will be routed through an encrypted virtual tunnel. This allows your IP address to be invisible on the internet. It secures your data from external attacks including those who sign in remotely. Its advantage is that the level of security is the same as it is when someone logs in from a physical office.
Company Computers for All
Every employee should be working on a company computer, even if it’s remotely. This ensures that the endpoint (the computer) will be maintained within the company’s IT and cyber security framework. Company data will not be compromised by employees’ personal activities.
An Encrypted Wi-Fi Connection
No matter where the Wi-Fi is located — in someone’s home, in the office or at the airport– the Wi-Fi should have an encryption protocol such as WPA2. If it doesn’t, don’t use it!
Expect that your employees will need training or assistance in securing their router. Their password should be a very strong one. Creating guides and checklists can help, but be prepared to support remote workers with one-on-one assistance as needed.
Hardware firewalls are physical devices that attach to computers and control the traffic and data that touch the computer. Consider these for use both in the office and at long-term remote locations, such as an employee’s permanent home office.
USB Data Blocker
A USB data blocker is a device that blocks data from being transferred whenever a device is plugged into a public charging hub, such as at an airport or even at a friend’s house. A typical USB connection allows both power and data to be transferred. The USB data blocker allows users to power up without allowing any transfer of data. This will, of course, prevent viruses and malware from getting into your company and possibly transfer to your work environment.
Implement an IT Usage Policy
A comprehensive IT use policy should cover any work done from home, your physical office and from anywhere else your employees might work. The IT policy should include ways to securely protect company data, computers and devices and how to notify IT support about potential security issues. The consequences for not following the policy and thereby exposing the company to threats should be clearly defined.
Cyber Security Training
Training is without a doubt the best way to keep your data safe. Make sure your employees understand your IT use policy: how to spot phishing attempts, how to react to a ransomware threat, why multi-factor authentication helps keep passwords safe and more.
Point out to them that the most expensive and damaging cyber attacks are caused by employees being tricked into providing access to the network. (For example, just because an email says it’s from Microsoft doesn’t mean it is.) Teach your team how to scrutinize emails and where to report anything suspicious.
Damaging losses to businesses can’t be prevented solely by technology because they happen by tricking employees.
Make Remote Work Cyber Security Part of Your Culture
Make cybersecurity part of the company’s culture by bringing it into your team discussions. What works? Where are people stumbling? What tools can be leveraged to help? Rework or rewrite unclear or outdated policies, retrain on practices that are falling off and keep the lines of communication open.
Go With the Flow and Stay Adaptable
COVID has certainly taught all of us how to adapt and keep our businesses running amid various changes in environment and circumstance. Don’t regress to the old way of doing things. Staying adaptable is your best path toward future stability and growth.
And remember, you don’t have to do this alone. As a managed service provider (MSP), Convergence Networks can help you with all of the above, plus any other technology challenges specific to your business or industry. Contact us to get started.