The Covid-19 pandemic has launched remote working into the spotlight both nationally and internationally. Many companies that might not have been properly set up for remote working have suddenly become entirely remote operations. The onset of remote working has left organisations around Ireland with a number of questions to consider, most importantly, is your orgnaisation set up for secure remote working?
- How are we delivering remote access to our team?
- Should remote working feature more heavily in our future?
- Are there advantages to remote working over having an office?
- Are remote employees more efficient, effective, happier, or more fulfilled?
- What tools do we need to provide our employees with to allow them to work effectively from home?
For many organisations, moving from office-only to remote-only can mean moving from a protected, dependable environment to an unpredictable and vulnerable one. Here are five things to consider from a security point of view.
1. Multi-Factor Authentication
How is your team accessing company data or applications? If they are using passwords only, they might be vulnerable. Passwords alone can be very easy for cybercriminals to target. To get some perspective on this, consider checking out the website haveIbeenpwned.com. Here, you can input your email address and see if your email has been compromised in a data breach. If it has, you are vulnerable. Prior to the Covid-19 outbreak, there were 8.5 billion compromised passwords. This figure had risen by 1 billion in a matter of weeks.
Multi-factor authentication provides an extra layer of security. For example, the two layers could be a password and a six-digit code sent to your phone. This extra layer protects your employees if their password is compromised. To learn more about multi-factor authentication, check out a post we published on a world without passwords.
2. Device Protection
If your employees are working from home, using a home broadband connection, you must make the assumption that the connection is not secure. When you are in an office environment, you are able to actively manage and monitor the connection. This is not the case when your team is working remotely. You have your entire family using the same home network for many uses e.g. web browsing, gaming and work. There is also the possibility that your employees will switch between connections. For example, they might also use a personal hotspot, public accommodation WIFI or the WIFI connection in a co-working space. Although you cannot control the connection, you can secure the device. Below are a few things to consider with regards to device protection.
Is the device connected?
Is the device monitored by your MFA solution to allow company devices only access your corporate resources?
- How are you controlling the devices used by your team?
- Are you staff using personal computers or company-owned devices?
- Are the devices secured with antivirus software?
- Is the antivirus software being kept up to date?
- What types of applications are running on these devices?
- For devices being used over insecure networks, what level of access are you allowing?
3. Data Protection
Closely linked to the above, you must also consider how company data is being protected to facilitate secure remote working. When working from home, employees are accessing sensitive data over an unsecure network. They may even be using an unsecure device. So how will your data be protected? If a person transfers data from outside the network into the cooperate network, could that create a vulnerability? These are critically important considerations.
To learn more about securing your data, check out https://actionpoint.ie/it-security/
How are you delivering your remote working solution? For many organisations, the sudden onset of remote working meant that security protocols were hastily put together at the last minute. Many companies opted for a VPN or virtual private network. VPNs allow you to create a secure network to network connection.
5. Business Continuity
You have given your team external access to your on-premises environment. But how confident are you in that environment? What would happen if there was a power outage, broadband outage or other unexpected occurrence? Would it mean that all remote working access is compromised? If so, this could put your entire remote working setup in doubt.
In this case, it is important to look at your business continuity plan. It is always important to have a contingency plan in place. This takes on even more significance when the entire team is working remotely. At ActionPoint, we have a number of business continuity plans to get you back up and running, with minimum downtime. To learn more about the connection between business continuity and remote working, check out this post.
To set your team up to work securely, efficiently and effectively from anywhere, there are a number of things to consider. Check out some of our latest articles below to learn more.