As more staff than ever are working from home due to the Covid-19 pandemic lockdowns around the world, it is apparent that many organisations have found their remote working solutions are inadequate. This article looks at covid-19 remote working security tips for businesses affected by the switch to working from home.
Some have had no option for remote working either due to the nature of the business or due to lack of a business continuity plan; the lockdown has almost certainly changed the mindset of these businesses! Working from home is nothing new, employees have long had the opportunity to work remotely on an occasional or on a full-time basis. Most companies will have processes in place to cater for home working, however, the mass rollout of remote working will have caught out even some of the most prepared businesses.
Remote working is a new experience for a lot of people and can be difficult for someone who normally works in an office environment full time. No longer can you meet your colleagues daily, chat face to face and have in-person meetings, all of this is now virtual and online via apps and phones. It is important to have a daily routine and good work ethic when home working, e.g. stick to a start and finish time as it is easy to work late. Take breaks as you would in an office, organise your day productively and avoid distractions as best you can.
Due to the impact of the Covid-19 pandemic, I believe organisations will have to embrace remote working and the benefits that it provides to both the company and its staff. Productivity is higher, staff have fewer sick days, savings are made on office space and flexibility for staff are just a few of the benefits.
Due to the lockdown a lot has been invested by companies to get to a point where they can provide a home working solution, purchasing laptops, licences, headsets etc, to allow their networks to operate at scale. In the coming months there may be similar restrictions put in place due to COVID-19, so companies must be prepared to roll out again to maintain their productivity and security. Working from home will become the norm, so it makes sense to offer employees remote working. Those organisations with existing remote working solutions will look to improve them and those with little or nothing in place will need to invest to provide a solution for their employees.
Whichever solutions are used for remote access, video conferencing, online messaging etc, it is essential that organisations make certain that they are secure from cyber attacks. There are numerous threats online to remote workers, such as unsecured wi-fi networks, use of unsecure personal devices, networks, firewalls and security software and phishing attacks and scams
targeting remote workers. Many organisations will sacrifice security for functionality, particularly when solutions need to be rushed into production as we have recently seen. However, all these threats need to be mitigated if you intend to keep your organisation secure.
The following should be the highest priority if you have any remote working staff:
Secure VPNs – F5 Access Policy Manager and Next Generation Firewalls such as Palo Alto and Fortinet can provide secure VPN gateways into corporate networks and provide seamless access to applications.
Two Factor Authentication – Just having a strong password is not enough, having 2FA/MFA provides an extra layer of security for user accounts and prevents stolen credentials being used to access corporate networks. Vendors such as Okta, Duo and Microsoft Authenticator via Azure Active Directory provide this and can be easily integrated with secure VPNs from F5, Palo Alto and Fortinet.
Endpoint Security – Endpoints with security products providing firewalls and anti-malware protection is essential, such as Palo Alto Cortex XDR and Fortinet FortiClient. After all there is very little point in having a secure connection to the corporate network with a compromised laptop or mobile phone.
Encrypted end to end communications (video conferencing / online chat) – Microsoft Teams is available for organisations with Office365.
Regular software security updates – With a remote workforce you now need way to track and patch remote laptops and desktops. Baramundi Management Suite – Unified Endpoint Management provides the visibility and capability to do just that, reducing the risk of emerging threats from unpatched operating systems and software while your staff work remotely.
So while remote working looks like it’s here to stay it’s vital that your business keeps systems secure from attack.