What Cyber Security Measures are Most Important When Working from Home?
Remote work is a great choice for many employees, but its convenience is what makes it riskier than working on your company network. Don’t convince yourself that your business is safe from a data breach! Know the risks that come with opening the door between work and home to better prepare for the inevitable threat of a cyber attack.
Hardware & Software Security
Not every business can afford to invest in company-owned equipment for employees working from home, despite this being the most secure remote hardware option. Personal computers don’t have the same level of security as your company-managed hardware. This means that when an employee connects to your systems from the comfort of their home office, that personal computer becomes the weakest link in your cyber defenses.
Even if a computer has the latest operating system or home anti-virus, the hardware isn’t fully secure until it’s configured professionally for remote work. Computers, mobile devices, routers, hardware firewalls, and any other equipment used for remote work should be configured by your IT staff or managed services provider to ensure the hardware is actively working with your cyber security measures rather than undermining them.
Enterprise-grade anti-virus/anti-malware software is a must. Internet connections will also need attention when setting up a remote workplace. An employee’s home network may not be configured to handle the bandwidth needed for the tools and data required to work remotely, especially if there are others in the home using the same network.
In addition to battening down the digital hatches, you’ll want to confirm that all the hardware and software used by your remote workforce are up-to-date to prevent the latest threats. You’ll also need to set policies for the use of plugins and extensions on home devices that access your systems. These extraneous tools can siphon data without you or your employee knowing. You may consider having IT professionals review and adjust permissions on home computers as needed to protect sensitive data.
Diligent password security may seem like basic knowledge, but it’s twice as important when you have employees working from home. Brush up on the latest standards, then make sure you have a company-wide password policy in place. Consider using a password manager to make the transition easier for employees who may not be used to changing passwords often (or those who have been using Password1! for the last decade).
Even a good password can be fallible. Multi-factor authentication (MFA) is one of Anderson Technologies’ go-to security measures and for good reason. In addition to standard login credentials, MFA uses a second method to verify the identity of the user trying to access data or applications. This can look like a code emailed or texted to an external device or connecting individual accounts to an authentication app. This way a compromised password doesn’t mean a bad actor automatically has the keys to your kingdom.
Phishing & Other Threats
When COVID-19 altered the digital landscape seemingly overnight, malicious actors across the globe barraged a newly-remote workforce with pandemic-related phishing campaigns. These bad guys know the vulnerabilities associated with remote work and craft clever phishing attacks specifically targeting employees working from home for the first time.
Phishing, SMSishing, and ransomware lures use social engineering and fancy graphic elements or branding to mimic a trusted company or vendor. Even phishing campaigns that look less convincing can be mistaken for the real deal by a stressed or distracted employee.
It’s wise to encourage a company culture of accountability when it comes to cyber security. Employee education is the most effective method of preventing cyber attacks in the workplace and at home. If a strange or suspicious email makes it past your email filter, make sure employees use a coworker as a “gut check” buddy before taking action, and instruct them to always report a potential threat to your IT support professional or managed services provider.
These simple security precautions can shore up your defenses while allowing employees the freedom to work from home.