With many companies forced into remote working without any preparation, many are struggling to ensure their remote-work environments are secure and productive. Remote work does offer many benefits to companies and their employees, but it creates security and productivity challenges that you don’t have to deal with in an office environment. You will need to ensure you have sound practices in place to manage your remote team.
Here’s everything you need to know about creating a secure and productive remote workforce:
Dealing with the Insider Threat
It is generally acknowledged that the biggest threat to a company’s security comes from its employees. And while there are cases of malicious insiders stealing company secrets, the more common vulnerability is innocent negligence. Many organizations have not trained their workforces to deal with remote-work security threats, and their lack of best practice knowledge and/or lapses in vigilance open the door to cyber attacks. This has never been more true than today, when team members who suddenly find themselves working remotely can make mistakes, like connecting to unsafe networks or carelessly opening malicious attachments in phishing emails.
The first step to mitigating the security risks posed by your employees is to provide training by your IT department or an IT provider. When employees understand remote workplace security policies, they are far less likely to engage in risky behavior or make mistakes.
In addition to training, you need to have a thorough view of the devices your staff are using to access your network and handle sensitive company information. This includes both company-issued and personal computers, tablets, and smartphones. Identity and Access Management (IAM) can help you with that. IAM covers the processes and technologies that ensure the right people are able to access data and devices, and only those people. As employees work outside the regulated environment of the company office, IAM helps organizations maintain a full audit trail to monitor data access and employee activity.
A powerful security practice within IAM is conditional access. This adds a layer of security by placing conditions on a user’s location, their device, and the application or file they are trying to access, among other things. In this kind of zero-trust environment, failure to meet these conditions can lead to denial of access, or the requirement of additional login credentials like an additional password, verification via mobile device, or other such second-factor methods.
How to Maintain Security When Employees Work Remotely
To address security issues while working remotely, you need a comprehensive business continuity solution that covers policies and procedures for remote workers and remote-work collaboration and communication.
Here are some best practices for employers:
Define your data:
Audit your data: Identify sensitive information so you can create security measures and best practices that ensure that only relevant people are authorized to have access. Existing data management policies need to be assessed and amended to serve the organization properly once remote access is fully enabled.
Introduce multi-factor authentication (MFA):
Having an MFA policy means your employees need more than a password to verify their identity and gain network, email, or software/other account access. As mentioned above, you need to adopt an attitude of zero trust when planning your remote work policy. This means verifying everything and assuming nothing. This approach involves segmenting your users according to the level of access to specific information and systems they require to do their work and introducing MFA to remote access solutions. It is essential to train your team so that they are aware of the additional authentication requirements, and how they contribute to safe remote work. One common example of MFA is, after signing in with your username and password, having a code texted to you or using an Authenticator app such as the Google or Microsoft Authenticator app.
Determine endpoint protection requirements:
Now that staff are working outside the office, you may not have complete control over the software installed on their devices. If people are not using devices from the office to do their work, you won’t even know which devices require access to your corporate data. Consider how you will manage the threats posed by data leaks and attacks from unknown devices on your network. We recommend that you have a policy that states which devices your staff can access company data and resources from, then ensure those devices are meeting your IT and security policies, such as enforcing antivirus.
For Windows machines, Windows Defender (included in Windows 10) is an adequate antivirus tool. If remote workers use Macs, they also need to consider endpoint protection software: In fact, 10% of Mac users have been victims of the Shlayer Trojan.
VPN best practices:
Logging in via a VPN (Virtual Private Network) is vital for accommodating secure remote access tools in your workflows. Ensure the network is strong enough to handle a large volume of traffic and that your VPN solutions are updated both on remote workers’ devices and on the server or firewall delivering the VPN solution.
Ensure remote access does not introduce more risk:
If you have no choice but to set up remote access servers, Windows 10 virtual desktops, or other remote technologies in a hurry, be careful about introducing unnecessary risk in terms of licensing and security. For remote access that includes remote access services, beware of ransomware attackers who are seeking out open remote desktop protocol (RDP) servers. That means only opening remote access ports that have been designated safe by your IT administrators, with the corresponding firewall configurations.
Consider the impact on firewalls and other logging:
For firms using security information and event management (SIEM) logging solutions to track traffic from local desktops and laptops to server resources, logging platform data will start to look very different when your entire workforce traffic starts to come in from different IP addresses. This will require you to review your geoblocking policies and possibly increase internet bandwidth for inbound traffic to your organization.
If you use cloud services, you may need to consider whether home users have appropriate bandwidth to do their work. Another issue could be the security settings of consumer firewalls and internet providers. These may block your intended remote access. If they do, you will have to review connection logs and your remote users’ security logs, as well as provide more help desk support for remote users experiencing difficulties connecting.
How to Work Remotely and Securely
Working remotely and securely requires a shift in mindset because we tend to associate home with relaxation. Cybercriminals rely on this kind of complacency for their phishing scams and other threats. Here’s how to create your own work from home security policy:
- Strengthen your passwords. Make sure your passwords for logging on to remote resources such as email are secure and reinforce them if necessary.
- Think before you click: Don’t click any links that look suspicious, and download content only from reliable, verifiable sources. Be wary of any unusual requests and check sender details to ensure the email comes from a colleague or other trusted source.
- Be careful about the devices you use for work: If you don’t bring home your office device for work, discuss security measures with your IT team. You may need to add a strong antivirus and security package to your personal computer or tablet.
- Ensure your home Wi-Fi network has a strong password. Follow wireless security practices because if you work on an unsecured network, your connection is more susceptible to hacking by cybercriminals trying to target emails and passwords.