In a few short months, telecommuting has become the norm for many companies and their employees. The “stay at home” orders of the COVID-19 pandemic meant rethinking how business could continue when the office itself was closed. Some of the things that companies learned during this time included:
- The cloud is indispensable
- Costs are lower when employees work from home
- Without office interruptions, productivity increases
- Data security is a bigger issue when employees work remotely
Now that businesses in Rhode Island and the rest of the country are beginning to slowly reopen, some are deciding to keep employees at home either full or part-time. For example, Twitter recently announced that its employees could work from home permanently after the pandemic is over. While companies were initially worried about connecting employees to their business apps and communication systems from home offices, a big concern that arose was remote cybersecurity. How do you change your IT security structure to cover remote employees? More than 1 in 3 organizations surveyed have experienced a cybersecurity incident related to a remote working environment. When employees are dispersed in multiple locations and those locations are homes that lack business- grade Wi-Fi equipment or network firewalls, security becomes even more important.
Security Issues to Tackle for Safe At-Home Workers
There are distinct security challenges when deploying a remote workforce. But just because you may need to adjust your cybersecurity strategy, doesn’t mean you can’t properly secure all those at-home workers and enjoy the advantages that a flexible telecommuting workforce can mean. Here are several reasons that cybersecurity is even more important in a work from home (WFH) environment, and how to address each.
The Network Environment Can Be Less Secure
When computers are connected to the same network at the office, just about all the other equipment they’re sharing that Internet stream with are also business related. But in a home environment, a work PC could be on the same network with easier to hack or riskier devices, like a doorbell security camera or a teen’s cell phone. A way to remove the risk of a hacker breaking into a high-risk device and then discovering your work PC on the same network, is to segment the router. This just involves creating a guest network and putting only work devices on that Wi-Fi stream, separate from other household devices.
Home Routers Have Less Security
There are several differences between consumer-grade and business-grade routers, and one of them is security. Consumer routers have lower security standards because they’re not typically used in an office setting. They’re also one of the prime IoT targets for hackers, especially now that business data is being access through home routers around the world. Two ways that this risk can be mitigated.
- Have permanent WFH employees use a business-grade, and properly firewalled router
- Have remote and mobile employees connect through a business virtual private network (VPN)
WFH Employees Can Be More Susceptible to Phishing
When employees are working from home, they’re at a risk of feeling cut off from the normal support system they have at the office. This includes help combating phishing and knowing what to do with a questionable email. Hackers have accelerated their efforts during the pandemic, with phishing attacks increasing 667% in March alone. You can help employees stay safe from phishing and other cyberthreats while working from home by giving them the IT support they need in the form of cybersecurity awareness training, remote IT support, and anti-phishing and managed antivirus software.
Remote Connections Can Leave Data Vulnerable
A mobile workforce needs to have the ability to connect remotely to multiple assets. These can include servers that are located at your office and several cloud applications that your company uses. Enabling those remote connections leaves those assets at risk of a hacker exploiting them. You have several tools you can use to enforce remote connection security. These include:
- Using multi-factor authentication (MFA) for all logins
- Deploying a cloud security app, like Microsoft Cloud App Security
- Using whitelisting to approve which IP addresses can remotely connect to an on-premises server or PC
Work Being Done on Unsecure Devices
Employees working from home may be using their personal computer to access work product. Others may have taken home their business workstation, but now it’s outside the normal IT security infrastructure at your office. In either case, PCs can be left without critical security updates or not have proper antivirus/anti-malware protection. If they suffer a hard drive crash, companies can also end up losing valuable work product. Combating the device security issue takes a multipronged approach:
- An endpoint device manager, like Microsoft Intune, can allow you to remotely manage security updates and revoke access to business apps if needed.
- Managed anti-virus/anti-malware can keep devices updated and monitored for any threats.
- A cloud backup system can capture all work data on WFH employee devices and back it up safely in the cloud so it’s not at risk of being lost.
Secure Your Remote Employees with Help from Onsite Techs!
Onsite Techs of Rhode Island can help your business set up a solid cybersecurity strategy that protects your remote workforce and keeps your data secure and accessible. Contact us today to schedule an IT security consultation at 401-415-6290 or reach out online.