April 28, 2020
Given the state of the current environment, businesses everywhere are adjusting to remote work. Whether your organization is a veteran to remote work policies, or entirely new to the concept, successfully maintaining a remote team requires the same general best practices as a traditional one would. Fortunately, this growing trend offers a plethora of benefits for both employees and businesses overall. From greater flexibility to improved productivity, the switch to remote work can be a liberating thing when properly managed. That said, proper management begins with ensuring your remote employees are equipped with all necessary tools to perform their jobs both efficiently and securely. Now more than ever, cybercriminals are targeting remote workers, and in these fast-paced times, it’s important you feel confident in the security of your business and the data behind it. To help make certain of that, we’re sharing a few cybersecurity best practices to reduce the risk of your remote employees falling victim to an attack.
The 9 cybersecurity best practices and tips when working from home are:
- Utilize company hardware
- Connect securely
- Update software
- Maintain accountability
- Standardize meetings
- Password protect
- Lock it down
- Avoid file sharing
- Provide ongoing training
Continue reading to learn more about these 9 best practices.
Cybercrime Has Been Steadily Increasing
Today, as more and more businesses instate work-from-home policies, criminals are developing new ways to take advantage of potential vulnerabilities. A report by the European Law enforcement agency, Europol, highlighted the ways in which criminals are using the COVID-19 pandemic to manipulate new ways to infiltrate secure systems, and what businesses should be looking out for to protect themselves. According to the report, coronavirus-themed attacks including phishing emails, spam campaigns, and other various malware and ransomware attacks will continue to increase and target individuals working from home. Implementing cybersecurity measures for your work from home employees can help in combating these growing threats and protect your business from exploitation.
Utilize company hardware
Reliable, secure hardware is essential to remote employees’ productivity and ability to perform their jobs in the same fashion an in-office employee would. Therefore, access to proper tools and technologies from employee remote work locations is imperative. Presently, as businesses are adjusting to new remote work methods, many are facing the question of whether to allow employees to use their own devices or require the use of company-provided ones. For security purposes, it is always recommended best practice to require remote employees to work off of company-owned and maintained devices. As honest as your employee’s intentions may be, the use of personal devices puts your company at a much higher risk of a breach.
Cyber-attacks on work from home employees occur when hardware is not properly outfitted with security precautions. Utilizing company-maintained hardware ensures any computer accessing your company network is armed with all critical security measures such as enterprise-level antivirus, intrusion detection, encryption protocols, and a properly configured firewall. Additionally, cybersecurity agency ENISA, recommends discouraging employees from utilizing the same device for work as they do leisure activities as best as possible. Personal emails and non-business related websites may be a vulnerable access point for hackers, and accessing that email on a company device could cause disastrous problems.
Remote employees often work from a variety of locales. Whether that be their home, a co-working space, or public cafe, it’s important to have secure access to corporate resources wherever they may be. Consequently, cloud-based applications are becoming increasingly popular due to their ability to unify remote teams. Depending on businesses’ specific needs, a variety of network connectivity solutions can be used to ensure your remote employees are connecting with one another securely.
Geographically distributed workers need to be able to access business-critical resources in a timely manner, resulting in many remote workforces embracing Software-Defined Wide-Area Network architecture (SD-WAN). Secure SD-WAN solutions are ideal for remote teams for the fact they provide flexible, scalable, high-performing accessibility to all business-specific applications, plus embedded security. Without compromising user experience, the implementation of SD-WAN can help improve remote employee productivity while reducing costs and security concerns for IT.
Additional options for managing remote employees include providing access to a Virtual Private Network, or VPN. VPN similarly serves as a secure and private technology for organizations and individuals to send and receive data over the internet. Utilizing encrypted passwords or certificates, users can gain access to your business’s private network in a secure fashion, despite the use of very unsecured public WiFi networks.
Application and security updates aren’t just about the latest features or device speed. Developers are continuously improving and updating software security to combat cybercriminals’ similar continuous advancements. Ensuring all remote employee devices are equipped with automatic updates in addition to regularly deploying updated patches is essential. Particularly in the current environment, we’re facing, your IT team may not be able to physically access company hardware for an extended period of time, thereby relying solely on automatic updates.
Depending on specific job duties, it’s important to account for all relevant devices different individual roles require. Mobile device management software, for example, may be easily overlooked but holds equally high importance in terms of cybersecurity. For those using company-owned mobile devices, maintenance best practices include remote wiping of devices, strong password enforcement, data encryption enforcement, and limitations on software and app installation.
In combination with all the technical updates and security layers you instate on remote employee workstations, employees must also be held accountable for their personal best practices and follow a standard of behaviors. Whether temporary or permanent, employees working remotely are responsible for the protection of business confidential information just as they would be in the office. To encourage this behavior, it is important that management outlines their expectations beforehand.
Simple yet important cybersecurity tips that should be required of all employees include:
- Shutting down devices or closing out programs when they are not in use
- Never leaving company-owned devices unattended
- Being aware of one’s surroundings when working with sensitive information
- Discouraging non-employee personnel from using company devices
While these actions may seem obvious, it’s important to revisit them regularly to ensure remote employees develop good habits in maintaining cybersecurity best practices.
Communication across remote teams is critical to success. Therefore, standardizing meetings with the implementation of cybersecurity best practices is an important element to overall business security. Virtual meeting tools such as Zoom and Skype for Business offer excellent substitutes for in-person meetings when actual in-person meetings are not an option. However, these tools are still susceptible to vulnerabilities and should be used only with proper security measures in place.
Password protecting meetings is a simple and effective way to keep unwanted guests out and your meetings secure. Using a random password generator, it is recommended that a unique password is created for each meeting participant. However, if that is not feasible, creating a unique password for each meeting is also a valid alternative.
Lock it down
Perhaps your team is having a meeting or they’re participating in TeamBonding’s Virtual In It to Win It, either way once a session has begun and all invited guests are in attendance, “lock” your meeting to prevent outsiders from joining, should meeting IDs or passwords get leaked. This is a particularly useful tool for larger meetings that infiltrators could potentially sneak into without notice. Before you implement this tool, however, be sure to notify your team so intended guests are not accidentally left out.
Avoid file sharing
The file-sharing feature of meetings may be convenient, but it presents a significant risk of vulnerability. Instead, share relevant materials through trusted, outside sources such as Google Drive. Also, be aware of who files are coming from and avoid opening anything from an unrecognized source.
Provide ongoing training
Clear lines of communication are important for several reasons while working remotely, including cybersecurity. Make sure employees are aware of all available tools your business is utilizing to stay connected, whether that be virtual meetings, instant messenger apps or collaborative software, and encourage regular usage. Think of bringing in a professional trainer to speak with your team about working from home, at TeamBonding we revolutionized all our classic training programs so we could bring them to you virtually. In our Professional Development Workshops, you’ll share a profound learning experience together online. Apart from maintaining your company culture, these tools can be used as an opportunity for IT staff to provide ongoing awareness training to your remote workforce.
Employee awareness is the first line of defense when it comes to cybersecurity, so ensuring everyone knows exactly what they should be looking out for is critical. Scheduling sessions to review common attack methods, such as phishing emails and suspicious link detection, can help employees feel more confident in their ability to spot a breach. Additionally, establish company-wide communication protocols for IT support and crisis management to ensure all suspected issues are addressed in a timely manner.
Remote work brings with it a unique sense of challenges and although many of us are working under unusual circumstances, there are benefits to the situations we find ourselves in. By working together and practicing good habits we can ensure our businesses and our people come out on top.
We at TeamBonding are here to help your remote team feel secure working from home. Contact us today!