The COVID-19 pandemic has accelerated plans for many businesses to adopt a work-from-home model out of necessity. While initially thought of as a temporary adjustment, it is being predicted that work-from-home will remain a part of the “new normal”. While work-from-home brings about many efficiencies for both staff and business owners, it also changes the way you need to think about protecting your business from cyber incidents. Below are 5 ways to protect your remote workers and by extension, your business.
1. Manage VPN and RDP More Effectively
As the remote workforce has expanded, organizations have found that they can’t afford to run VPN (Virtual Private Network) connections to all staff. Rather they have been carefully assessing who needs access, and to what type of data. It doesn’t make sense to give everyone in an organization access to financial data. Once you assess your needs for VPN and RDP (Remote Desktop Protocol), you need to secure these to limit your risk of exposure. RDP in particular has been a favourite way for hackers to install ransomware on systems. To limit your exposure, ensure you have enabled Multifactor Authentication and strong lock-out policies to protect accounts from password re-use and brute force attacks.
2. Teach Remote Workers about Network Segmentation
Many IT departments are already over worked when staff are working in offices. To add having to segment home networks for all remote employees would be prohibitive. Why segment the home network? If you don’t segment the home network, your corporate network could become vulnerable to any malware or attacks on your staff’s personal devices. Work-from-home staff should segment their network in this way: set up a guest network for any friends or family who need to use the network, have a second segment for personal devices, and finally employees need to set up a third segment for their work devices and keep the family off this segment.
3. Make Data Protection a Priority
This should be a no-brainer, but many business owners feel that work-from-home is temporary and that they can survive small data leaks until they get back into the office. The reality is that COVID-19 isn’t going away as quickly as we had hoped, so work-from-home will be around for quite a while. As mentioned in the first point, securing remote access points is part of securing your corporate data. You should also look to securing cloud, email and video conferencing tools to preventing data leakage.
4. Secure Applications
While securing the network perimeter is important, securing applications that employees use to connect remotely is also important. By securing the applications, in the event that one app gets compromised, the attack doesn’t spread to the rest of the network. The other nice thing about using secure applications is that it limits the reliance on costly VPN access. Securing the data inside the apps is also important. You could consider tightly integrating your applications with the Trusted Data Format (TDF), which operates as a protective wrapper around the specified content. TDF is useful in securing emails, PDFs, Office files, photos and videos.
5. Make Cyber Security Everybody’s Business
With the rise in working from home, hackers have been taking advantage by either brute forcing their way into network or with targeted phishing scams. Now more than ever, you need to invest in cyber awareness training for your staff. By ensuring that employees are using good password hygiene and are aware of phishing scams, it will go a long way to ensuring your business is better secured against attacks.
Need help protecting your remote workers? Call Uzado today to find out how we can help secure your staff and your business.