Businesses that can operate remotely are moving in that direction. At Smart Dolphins, we saw many Vancouver Island employers request that employees begin remote work last week. Some organizations are still in the process of transitioning to a work-from-home environment. Here’s Smart Dolphins’ top three tips on how to ensure that remote work is setup securely.
#1 – Begin with a business-wide security policy.
Every organization needs to offer their employees some guidance and technical safeguards to ensure that computing from home is secure. Here are some ideas on what to include in these guidelines:
- Ensure that employees keep their software and devices up to date
- Encourage them to be mindful of what they download
- Practice password safety by using a password manager like LastPass
- Enforce multi-factor authentication
- Install anti-virus software
- Offer cybersecurity training
Keep your eye on risk, and pause to properly plan, assess risk, and repeat as our work from home needs evolve.
#2 – Invest in a proper secure remote setup.
If an employee needs to access a virtual private network (VPN), ensure that they are not using a personal computer or an “unmanaged” one. At this time, there is a very HIGH risk of malware/ransomware being transferred from a home computer right to the business network. Businesses should view VPNs as if they were running a network cable right from their office to an employee’s personal computer.
We understand that many business leaders are rushing to get employees working from home, but cybersecurity must not be overlooked with the heightened risk. The scammers are watching and creating new malware and social engineering schemes, and they’ll keep doing just that. They have seen the transition of the workforce from the relative safety of the office to home settings. They know that we are working on personal computers and that VPNs may have been hastily set up. They also know IT departments are going to be scrambling during this transition. Basically, the security versus convenience slider has been moved toward convenience for many, so risk goes up.
Under normal circumstances, would you let your employees bring their child‘s computer to the office, plug it in, and copy company data to it? Probably not.
#3 – Related to a proper setup, do not ask employees with modest or weak IT skills to start rolling out remote setups and tools.
We are seeing a rush of employees with Microsoft 365 considering setting up Teams on their own without the assistance of IT professionals. We are advising business leaders to slow down and take the necessary steps to plan this out as a project. As mentioned in a blog post that we shared a few weeks ago, there are security risks that need to be considered.
We will continue to share as much information as we can to keep you informed from an IT perspective during this pandemic. If you have any questions, please contact us.