Over the last 15 years, the cloud revolution has greatly changed the way that the average office functions. Where offices used to be self-contained, with everyone accessing data locally, now employees can be logging in to company applications from anywhere in the world.
Company assets are often hosted in the cloud to take advantage of a more mobile workforce. This includes employees using mobile devices while traveling and workers telecommuting from home.
Another factor that’s significantly increased remote connections to company data is the COVID-19 outbreak. To contain the risk of spread, many companies throughout Ireland, and the rest of the world, have sent their employees home to work remotely.
This can offer significant IT security risks if you haven’t taken steps to properly secure all those remote connections.
We’ll go through several ways that you can ensure your remote team is connecting securely and that your network and data are protected.
Important Security Considerations for Remote Workers
There are many vulnerable endpoints to consider when you have employees telecommuting. Beyond just the device they’re using for their work, each employee also has to use a router that’s enabling their connection. These also have to be considered when it comes to cybersecurity.
But if you take proper precautions, there is no reason that you can’t keep your office running efficiency while employees telecommute without worrying about potential data breaches.
Here are some of the key tactics to employ.
Control Endpoints with a Device Manager
Device managers allow you to do things like monitor device access to your applications and data as well as push out security updates. When you have employees working remotely, understanding which data is being accessed by which employee’s device is vital to security.
One of the most powerful endpoint device managers is Microsoft Intune. You can get this packaged with Office 365 by upgrading to a Microsoft 365 subscription. It enables things such as remote access being granted or revoked, and the ability to control access at the application level.
Encrypt Wireless Connections with VPN
Using a business virtual private network (VPN) takes the headache out of trying to control multiple connection points.
Employees that work remotely will be connecting from their own home networks, some of which will have weak passwords. Other employees working while on the road, could easily be connecting from an unsecure public Wi-Fi.
A VPN can encrypt all those connections and ensure data being transferred between an employee’s device and your network isn’t compromised by a hacker on the same network.
Keep Credentials Safe with Multi-Factor Authentication
Credential theft is behind 81% of data breaches. This is a problem both for employees working remotely as well as those working at the office.
One of the best ways to avoid a breach due to stolen login credentials is to use multi-factor authentication (MFA). Microsoft states that 99.9% of account attacks can be avoided by deploying MFA on your accounts.
You should have all your account logins backed up by this second step of authentication, which typically includes having a code sent to an approved device. That code needs to be entered to complete the login process.
Stop Threats with Antivirus/Anti-Malware
Are your employees using their own personal computers when they work from home? Do they have an antivirus solution that has the ability to catch zero-day threats?
This is often something that can be missed if a company is asking their employees to work from home without a lot of pre-planning (i.e. in the case of the coronavirus outbreak).
One of the best ways to ensure your team has the protection they need on their home computers is to use managed IT services with managed antivirus/anti-malware protection.
Avoid Phishing Dangers with DNS Filtering
Phishing is a constant threat and most phishing scams use a URL that links to a malicious website. This tactic is favored over file attachments because a link can often get past email security applications looking for malware.
Links don’t contain malware, rather they direct a user to a website that can do a drive-by download of malicious code onto their device. They can also lead users to a sign in page that’s spoofed to look like one from a trusted company and is designed to steal their login credentials.
DNS filtering checks URLs before a user’s browser is directed to them. If it detects a malicious site, the user is sent to a warning page instead. This keeps devices from being compromised even after a user accidentally clicks a malicious link.
Strengthen Your Cybersecurity Both Inside & Outside the Office
FutureRange deploys a number of state-of-the-art tools that can secure your data and network both inside and outside your office.