10 Security Tips to safeguard your data while “Working from Home”
While our government lurches awkwardly through the current crisis, there are several security considerations that must be explored. Enterprises must consider the consequences of working from home in terms of systems access, access to internal IT infrastructure, bandwidth costs and data repatriation.
What this means is when your worker accessed your data/databases remotely, then the risks to the data grow. While at normal times the risk is only between the server, internal network, and end-user machine, external working adds public internet and local networks. Here are some of the approaches to take for minimizing the risks while working remotely in this crisis.
1.Provide employees with basic security knowledge:
People working from home should be provided with the basic security knowledge so that they are also aware of the phishing emails and ensure to avoid the use of public Wi-Fi. They should be trained to check that their Wi-Fi routers are sufficiently secured and to verify the security of devices that they use to get the work done.
Employees should be particularly reminded to avoid clicking the links in emails which they receive from the people they don’t know. Your team needs to be in possession of basic security advice and it’s also important to have an emergency response team in place.
2. Provide your people with VPN access
One way to secure your data as it moves between your core systems and the external employees is to deploy a VPN. These services provide an external layer of security which in turns provide the following:
- Hiding the user’s IP address
- Encrypting data transfers in transit
- Masking the user’s location
Most large organizations already have a VPN at the place and they should check that they have sufficient seats to provide it to all their external employees. Once chosen the right type of VPN organizations must check that all their employees are provided with that service.
3. Provision Security Protection
Organizations must ensure that their security protection is up-to-date and is installed on the devices that are used for work. That means virus checkers, firewalls and device encryption should all be in one place and should be well updated.
4.Run a password audit
Your company should need to audit employee passcodes. That doesn’t mean requesting people’s personal details but does mean passcodes used to access any enterprise services. These passcodes need to be reset and redefined in line with stringent security policy.
The use of two-factor authentication should become mandatory, and you should ask the people to apply for the toughest possible protection across all the devices. You should also ensure that business-critical passwords are securely stored.
5. Ensure the software is updated
Organizations should ensure their employees updated their software with the latest version according to the support under the company’s security policy. Not only this the company must activate the automatic updating on all your devices.
6. Encourage the use of (secure, approved) cloud services
One way to protect your employees and their data is not to store their data locally. Content storage must be cloud-based where possible and employees should also be encouraged to use cloud apps (such as Office 365). It’s also important that any third-party cloud storage device is verified for use by your security teams.
7. Reset default Wi-Fi Router Passwords:
Not every employee has reset their default their password of the Wi-Fi router. If you have an IT support team then they should give telephonic training to everyone on resetting their password. You do not want your data to be subjected to the man in the middle, data sniffing or any other form of attack.
You may also need to make arrangements to pay for any excess bandwidth used, as not every broadband connection is equal. Employees should be told to avoid using the public Wi-Fi or use it as a VPN as it is a bit secure with that.
8. Mandatory backups:
It should be ensured that online backups should be available and should be regularly done. If not, then employees should be encouraged to use external devices for the backup option. If you use Mobile device management (MDM) or Enterprise Mobility Management (EMM) services, then it is possible that you will be able to initiate automated backups via your system management console.
9. Develop contingency plans
Triage your teams. Ensure that the management responsibilities are shared between teams and do ensure that you put contingency plans at a place by now in case key personnel get sick. Tech support, password, security management, essential codes, and failsafe roles should all be assigned and duplicated.
10. Foster community & care for employees
The reason many people are working from home is because of health pandemic. The grim truth is that employees may get sick or worse during this crisis. With this in mind community chat, including group chat using tools such as hangouts, will become increasingly important to preserve mental health, particularly for anyone enduring quarantine.
Encourage your people to talk with each other, run group competitions to nurture online interactions and identify local mental health.
The bottom line is that your people are likely to be under a great deal of mental stress, so it makes sense to raise each other through this journey.