Security begins at home

Asset 20
Working from Home

Staying secure whilst working from home

For many companies, the shift to an all-remote workforce has been disruptive and sudden. However, in all this noise, it’s essential to make sure that your workers are safe, and your data is secure.

Here’s seven tips for improving the resilience of multi-site operations that all remote workers can implement at home.

#1: Stay up to date

Ensure that all of the software your people are using when working from home is up-to-date. Make sure your people use the latest version of their browser software and that antivirus software is up-to-date and actively blocking threats. Make sure updates happen automatically on company computers and insist that people do the same for personal devices. Show them how to do it if necessary.

Please note that Windows 7 is now ‘end of life’, meaning Microsoft no longer offers patches and security updates. Some PC’s running Windows 7 can still be upgraded for free to Windows 10.

#2: Secure data in motion with a VPN

Employees working from home should be provided with a VPN or Virtual Private Network, which encrypts Internet traffic and makes the flow of data more secure. Install VPNs on all company devices used offsite. Provide them for use on employees’ personal devices and provide clear instructions on how to put this extra protection in place.

#3: Use remote desktops, but don’t turn off the office computer

Remote desktop software, which allows your people to take control of their office computer remotely, is well worth considering but should only be used in conjunction with a secure VPN. It will enable them to access the full processing power and data capacity of their work environment from home, while company data stays safely in the office. If your computer is part of a corporate domain ask your IT administrator to implement a temporary Group Policy that prevents remote users from shutting their work computers down as otherwise they’d have to go and start it up again in person.

#4: Use strong passwords and two-factor authentication

Ensure you are promoting proper password management and insist on strong passwords as standard. Employees should be using complex passwords that are unique to each application. Do not use the same one across multiple services.

Use two-factor authentication – which requires a second piece of evidence to gain unlock access – wherever possible, but especially on cloud-based applications that can be accessed from anywhere such as Office 365. For Office 365, two-factor authentication will include a password and a text or call from Microsoft to verify that it’s you.

#5: Stay smart for phishing scams

Phishing scams are the most significant threat for many businesses today, and we can expect to see more that explicitly target employees working from home. Understanding the risks is the best way to fight them. Instruct employees to contact your IT department or representative if in any doubt about the validity of an email. If you do fall, victim, raise the alarm immediately to minimise potential damage.

For more information download and share our simple guide to protect your team against Phishing

#6: Update your routers and the password

Encourage your employees to secure their home broadband routers. As well as ensuring that the firmware is up-to-date, insist that they change the default WiFi password within the router settings to something longer and more secure. This will disconnect old devices (which is a reasonable security precaution in any case) and ensure new devices are accessing the network more securely.

#7: Don’t allow device sharing

Don’t allow your employees to share access to their work devices with family members. All of the excellent work you’ll have done educating your people about the risks to cybersecurity can be undone in an instant if one of the children accidentally downloads key-logging software or some other form of malware.

More posts in our working from home series

Every month we share our expertise in cyber security and technology for business. Signup to receive the monthly Beaming bulletin

  • This field is for validation purposes and should be left unchanged.