Staying secure whilst working from home
For many companies, the shift to an all-remote workforce has been disruptive and sudden. However, in all this noise, it’s essential to make sure that your workers are safe, and your data is secure.
Here’s seven tips for improving the resilience of multi-site operations that all remote workers can implement at home.
#1: Stay up to date
Ensure that all of the software your people are using when working from home is up-to-date. Make sure your people use the latest version of their browser software and that antivirus software is up-to-date and actively blocking threats. Make sure updates happen automatically on company computers and insist that people do the same for personal devices. Show them how to do it if necessary.
Please note that Windows 7 is now ‘end of life’, meaning Microsoft no longer offers patches and security updates. Some PC’s running Windows 7 can still be upgraded for free to Windows 10.
#2: Secure data in motion with a VPN
Employees working from home should be provided with a VPN or Virtual Private Network, which encrypts Internet traffic and makes the flow of data more secure. Install VPNs on all company devices used offsite. Provide them for use on employees’ personal devices and provide clear instructions on how to put this extra protection in place.
#3: Use remote desktops, but don’t turn off the office computer
Remote desktop software, which allows your people to take control of their office computer remotely, is well worth considering but should only be used in conjunction with a secure VPN. It will enable them to access the full processing power and data capacity of their work environment from home, while company data stays safely in the office. If your computer is part of a corporate domain ask your IT administrator to implement a temporary Group Policy that prevents remote users from shutting their work computers down as otherwise they’d have to go and start it up again in person.
#4: Use strong passwords and two-factor authentication
Ensure you are promoting proper password management and insist on strong passwords as standard. Employees should be using complex passwords that are unique to each application. Do not use the same one across multiple services.
Use two-factor authentication – which requires a second piece of evidence to gain unlock access – wherever possible, but especially on cloud-based applications that can be accessed from anywhere such as Office 365. For Office 365, two-factor authentication will include a password and a text or call from Microsoft to verify that it’s you.
#5: Stay smart for phishing scams
Phishing scams are the most significant threat for many businesses today, and we can expect to see more that explicitly target employees working from home. Understanding the risks is the best way to fight them. Instruct employees to contact your IT department or representative if in any doubt about the validity of an email. If you do fall, victim, raise the alarm immediately to minimise potential damage.
For more information download and share our simple guide to protect your team against Phishing
#6: Update your routers and the password
Encourage your employees to secure their home broadband routers. As well as ensuring that the firmware is up-to-date, insist that they change the default WiFi password within the router settings to something longer and more secure. This will disconnect old devices (which is a reasonable security precaution in any case) and ensure new devices are accessing the network more securely.
#7: Don’t allow device sharing
Don’t allow your employees to share access to their work devices with family members. All of the excellent work you’ll have done educating your people about the risks to cybersecurity can be undone in an instant if one of the children accidentally downloads key-logging software or some other form of malware.
Free guide to remote & hybrid working
Keep staff engaged, happy and healthy with advice from flexible & remote working specialists and insight into how leaders at the UK’s best small workplaces have managed new ways of working as a team.
Bouncing Back Better Post Lockdown
Here, partners at Purple Beach, Annemie Ress and Olivia Gribaudo explain how businesses can use the changes we’ve seen to bounce back better than ever.
How to secure network access for remote working teams
As thoughts turn to more permanent home working set ups post-pandemic, IT teams need to find a way to make it easy for teams to access remote networks in a way that doesn’t jeopardise the security of the network.
How the UK’s best workplaces have adapted to change
To help business leaders navigate the new ways of working brought about by the Coronavirus pandemic, we asked three leaders of award-winning SMEs how they adapted as offices first went remote, how their plans changed, and where they’re headed..
IT strategy for managing business change FAQs
We’ve put together the most frequently asked questions about IT strategy and security posed during our “Managing business change during Covid-19” webinar.
Working From Home Security Advice
Remote systems have recently been rapidly deployed to allow staff to work from home, but they are being exploited. Here are a few things to consider if you are a home worker.