Working from home will become the new normal for many employees. Companies will not want to waste their investment in remote working technology, especially as it enables them to downsize offices and make savings during a period of economic turmoil. As remote working raises a number of security issues, here are some useful tips on how to protect your devices, systems and data.
1. Ensure all devices are protected with antivirus software
When employees work in the office, a company has much greater control over security, including defending against malware. They can deploy site-wide antivirus protection, prevent users from installing unauthorised software, block access to dangerous websites and prohibit anyone accessing the system from an unauthorised device.
With employees working remotely, companies find it more challenging to implement the same levels of security. This can be a major worry when the devices themselves are physically less secure and important files and data are more at risk. Installing antivirus software on all devices is essential to prevent infection from viruses, trojans and ransomware that can steal data, corrupt files and take systems offline.
2. Keep software up to date
When cybercriminals launch attacks on devices and systems, this is often done by trying to exploit software which has known vulnerabilities. In most cases, the software developer will have been aware of the vulnerability and will have released an update that removes it. Those who have auto-updates enabled on their devices and those who are conscientious about installing updates as soon as they are available will be immune to these types of attack.
The weakness lies in those employees who do not keep their operating systems and applications up to date. They risk their own devices being hacked or infected and this can cause issues for the company’s system and other remote devices. It is important that regular updating is a requirement of a company’s IT policy and that reminders are sent to staff when an update has been released.
3. Encrypt wi-fi and change router password
Most employees working remotely will attempt to access the company system via wi-fi. Cybercriminals can hack into a wi-fi network, even one with a password if the password is weak. This would enable them to intercept all online communications, including logins, files, emails and their attachments. To prevent this, employees should ensure their wi-fi connection is encrypted by changing their router settings. If possible, they should use the more secure WPA2 connection.
At the same time, employees should make sure their router does not use a default username and password as these are publicly available online. This would enable a hacker to have easy access to the router, including the ability to change the password and username so the employee could no longer access it.
4. Use a VPN
The safest way for employees to connect with your system online or to communicate with each other is to use a virtual private network (VPN). This will encrypt all data going to and from the device, preventing it from being stolen during transit. VPNs are widely available and many of the providers offer services for free.
5. Start using email certificates
Cybercriminals are taking advantage of employees working at home by sending fake emails purporting to come from company bosses. Known as spear-phishing attacks, unsuspecting workers are asked to log in to cloned sites from where their credentials are stolen or told to send files containing important data to fake recipients. In some cases, accounts staff are being asked to settle fake invoices or transfer funds directly into cybercriminals’ bank accounts.
Email certificates can digitally sign and encrypt all email sent by the company. They enable all recipients, internal and external, to verify that the email is genuinely from the company and not from a dubious source. Available for individuals, departments and entire organisations, email certificates can prevent spear-phishing attacks from succeeding.
6. Use business systems for e-mail and file sharing
If your business uses a prescribed platform for communicating and file sharing, such as Microsoft 365, then you should insist that remote workers use this for all communication and file sharing purposes. This is because your company has centralised control over these systems, enabling you to configure settings, add and remove users, deploy spam filters and antivirus, enforce strong passwords and so forth.
If, when working from home, your employees use their personal email accounts, messaging and file sharing apps, then you have little control over their security and any data stored on them is only as safe as the individual employee makes them – which for many is far less secure than is needed for business data.
7. Back up your data
As remote working can cause company systems and data to be more vulnerable, the potential for data loss is increased. To enable companies to swiftly restore website and server data following a disaster, a remote backup solution is essential.
Cloud backups have a number of useful features: intrusion prevention, 256-bit encryption, Secure Socket Layer (SSL) or Transport Layer Protection (TLS) and use multilocation data storage. In addition, you can schedule backups to take place as frequently as required, easily increase storage capacity if needed and rest assured that the backups have been checked for integrity to ensure the data hasn’t been corrupted.
Permanent remote working is likely to become the new normal for many employees, with well-known brands like Twitter, Square and Facebook leading the way. While this offers cost-effectiveness for companies and improved work-life balance for employees, it does raise security issues. Hopefully, the tips provided here will help your business make its devices, data and systems more secure.
For web hosting with a wide range of security features, visit Webhosting.uk.com