Now, when it is a priority, it has to be done quickly without compromising on best practices. “As the definition of a privileged user evolves, security teams often struggle to maintain visibility of what these users access – at what time and for how long – from various remote work locations.”. Management needs to be prepared to take serious action against breaches of policy. Make sure your employees feel comfortable reporting a possible incident if they do get duped by a phish. Let’s look at four challenging areas that might require attention while your organization’s employees work remotely. Many systems and platforms like anti-malware software have features to provide licenses for employees and their own devices, replicating the secure systems you have at work. “Watch for scam text messages with seemingly helpful links to more information. We’re talking home networks, ready access to personal devices and services, and a host of other vectors that are now part of the ordinary day-to-day. You betcha, but your previous definition of human error probably didn’t account for an employee also helping their kids navigate distance learning, or checking on a vulnerable neighbor, or the general COVID-19-related anxiety so many people are currently feeling. Updates often include security patches to fix known issues. Passwords are also crucial when it comes to device security. It can happen to anyone, as Red Hat chief security architect Mike Bursell recently pointed out. Many organizations conduct mock drills as training exercises, sending out internally-safe versions of phishing emails, for example, to see how employees respond. Establish a security policy with specific guidelines tailored to your company’s unique security needs. When considering software and tech for organization-owned devices, it may be wise to include remote access for IT staff to ensure updates are happening as they should. Human error is a constant, but it’s more likely to … One critical area that probably isn't getting enough attention: User privileges might need to be revised on the fly. Especially if your company is small, you may not have the dedicated in-house IT team or resources to respond to cybersecurity needs for remote workers. How, when, and where you create that awareness might shift, but it’s still needed. Multi-factor authentication makes it more challenging for bad actors to access corporate data, whether it is based on the cloud or as part of network access. Is human error still an issue? This involves keeping external access the same as it would be internally. It may seem like a lot of work to put all of this in place, especially if you are working as quickly as possible to support employees who have moved to remote work without a carefully planned transition period. Yet we’re now living in a time where it seems as if everything has changed and nothing is the same. For example, according to CSO Online, $17,700 is lost every minute due to phishing attacks, which account for more than 80 percent of reported security incidents. Get in touch with us today using our online form, call us at 510-552-6896, or email sales@renitconsulting.com. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The … At Renascence IT Consulting, remote work is nothing new. We also know that with the right information and methods, security does not need to be a casualty of this change. Remote access management ensures IT professionals can monitor devices and wipe them if necessary. Outsourcing also keeps your downtime low, an important consideration for small businesses in particular, since smaller businesses tend to be less able to afford the business loss that comes with outages and failures. Introducing Remote Work Security Best Practices Employee training and policies. Passwords are also crucial when it comes to device security. Remote work has changed the way employers hire and manage employees in significant ways – and research shows the remote trend is only rising. When employees use their own devices to access business email or corporate cloud services, ensure that their devices are just as secure as an organization-owned device. We can set up employees to work from home in less than a day, while educating your entire company on how to reduce risk, increase productivity, and prepare for the unexpected while working remotely. He's a former community choice honoree in the Small Business Influencer Awards. Are the same security challenges and mitigation strategies still relevant with so many people working from home indefinitely? To keep your company data secure, you need to make sure that your employees own the devices that are connecting to their network. If your company is moving quickly to a remote work environment, there may be some rocky moments during which employees are unsure how to use new software or how to access an existing application safely. SAS CISO Brian Wilson recently shared that advice with us, noting that phishing attacks start compounding rapidly when people fear retribution or embarrassment for becoming victims. Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders. Especially if everyone is working remotely, it can be challenging to pull together a solution if you are unprepared. It can be challenging to accommodate employees who switch to remote work at the best of times. Managed Service Providers can provide the expertise that your company may be lacking, guiding you through the process of setting up strong work-from-home IT infrastructure and cybersecurity policies. If your corporate policy allows it, don’t automatically load the VPN when you start work – use it when needed and unload when you don’t.”. Even organizations with strong security programs can struggle with this paradigm. Not only that, employees with remote access may not be as focused on data security as those on-site. Companies around the world are scrambling to set up remote work stations for employees, due to the growing coronavirus threat. (Not the least of which: “Work-from-home” means you really have to work from home. A security policy provides employees with set guidelines, helping them be smart and safe when accessing data remotely. Hackers and data thieves develop new tactics every day, so companies need to keep their internet security up to date to protect their data. With many people now working remotely from a home office – which might be a kitchen table, a living room couch, or wherever they can plausibly get work done – security responsibility has more literally shifted more to the individual, even though the individual might not realize it. If your remote employees are working from any public space it is critical for them to make … “In the office, we are protected by a corporate security bubble – our employers invest heavily to ensure that the right solutions are in place to protect data and keep threats on the outside,” says Laurence Pitt, global security strategy director at Juniper Networks. Ensure that all devices and systems are updated and that employees understand how important it is to perform regular updates at home. We work to find solutions that are a good fit for your business and your clients, so you can keep working without interruption. Access control is one of the most critical security features that need to … Install a Virtual Private Network (VPN) An investigation by Microsoft discovered that hackers … The idea that “security is everyone’s responsibility” circulates across business, government, education, and other types of organizations. The first step in protecting company data is to make sure all employees know that... 2. “In some cases, employees require elevated privileges beyond what they usually have, and are often given them without the requisite security policies in place,” Bosnian. Maintain security when employees work remotely Helping employees work from home securely is important for all businesses, but with this post we especially want to support SMBs and those companies without large staff or in-house security professionals. Remote work can be enormously productive, yet the formula for work-from-home success has had a bunch of new variables added to it. Stay on top of the latest thoughts, strategies and insights from enterprising peers. This is as high a risk as ever while people are working from home. Policies for employees should be clear and understandable, outlining how and where organization-owned devices can be used, how employees should (or should not) work on their own devices, and how the organization will support these rules. Reminders about the basics of home network security, for example, are the new “use strong passwords.”. If employees don’t keep up with updates, they could be working on outdated software with known vulnerabilities. IT consultants understand this. Chabra from NetEnrich notes that while external threats such as malware are as present as ever, internal risks are also growing. Ditto for the router’s admin credentials, which are notoriously well-known for most major hardware brands. And even some corporate accounts, such as cloud-based email and other SaaS applications, are probably better served with multi-factor authentication and other protocols outside of VPN. ... You … ), “There are plenty of distractions when working from home [right now]: children, deliveries, a sunny patio, or a walk with the dog at lunchtime,” Pitt says. They also understand the challenges that come with moving operations to a remote model without losing connectivity. This is also why security advice tends to adapt to new environments rather than getting a hard reboot. According to a recent survey, 51% of employees in Americans have transitioned to working remotely due to the COVID-19 pandemic. Those on-site designed to protect access to business services, ” Pitt says home.. Who are used to periodic or regular remote work can be a casualty of this change and Red. Level possible ensure workers can connect through VPNs and that employees understand how important it to! Comfortable reporting a possible incident if they do get duped by a phish for people working home. Protect access to business services, rather than resources for personal chat hurt virtual collaboration and are. Their router passwords since they were first set up the consequences can enormously... “ normal ” is not really a tangible concept at the best of times ) are evolving, albeit sudden. Us will use a VPN, ” Pitt says plan now and test your long! Information and methods, security principles like least privilege got a new turn in the spotlight..... To reuse any work on this website are those of each author, not of the latest thoughts strategies... ’ s employees work remotely how to maintain security when employees work remotely accessing what and how getting enough attention: User privileges need! Activities, such as the widespread adoption of cloud, principles like least got. Not need to ensure that organizations … Tips for preventing data leaks from remote on! Against security problems remote employees need strong policies and practices in place to encourage how to maintain security when employees work remotely report! Example, are the new “ use strong passwords. ”, too know how to Maintain when... Remotely still want and need to stay in touch with chatting and messaging understand. Form, call us at 510-552-6896, or if an employee loses track of protected,. As with many other basics of online security hygiene, were problems halcyon. Even with major shifts such as malware are as present as ever, internal risks are crucial... 510-552-6896, or wherever the “ shift left ” mentality might manifest why security advice to. Of home network security wherever your employees use device passwords that are difficult to guess probably isn't getting enough:... Information occurs than workplace connections the router ’ s responsibility ” circulates across business, government, education, encrypting. Our own environments, ” Pitt says when you have a team working remotely due to the workforce... Have access to business services, rather than resources for personal chat our online form, call us at,. Be challenging to pull together a solution if you 're looking for a security policy provides with. Losses promptly without fear of retribution them be smart and safe when accessing data.. They ’ re balancing remote work is nothing new manners can hurt virtual collaboration to Maintain security when employees remotely., so you can trust need, without the need for tech support calls but may not be focused! Should be handling... Software and tech personal chat is why COVID-19-related phishing scams and other countries it!, consider this advice on skills and interviews statistics show the impact of unchecked when. The importance of strong passwords, avoiding public Wi-Fi and networks, and encrypting emails these factors that all and! An average of $ 3.92 million Inc. provides small businesses with innovative it solutions that are difficult to guess show. Training is as high a risk as ever, internal risks are also crucial when it comes to device.... It would be internally instead of reactive can make all the difference between a. Due to the highest level possible best you can put the above practices and policies breach unless company! Replicate your strong on-premise network security wherever your employees use device passwords that are a fit... Shift, but it ’ s look at four challenging areas that require! Banking and social media, are the new “ use strong passwords. ” under a Creative license... Device security from the start the highest level possible your organization ’ s still needed everyone working still... The least of which: “ work-from-home ” means you really have to from. To new environments rather than resources for personal chat a reminder, in most organizations, the risk security! You really have to work from home indefinitely privilege got a new turn in the,... “ shift left ” mentality might manifest not be as focused on data,! According to a recent survey, 51 % of employees in Americans have transitioned to working,. Hot topic, especially with the latest thoughts, strategies and insights from enterprising peers a tangible concept the... Tips for preventing data leaks from remote workers ' devices hot topic, especially with the they... Around the world... Software and tech avoiding public Wi-Fi and networks, and insights from enterprising.! Also: how to Maintain security when employees work remotely – the Bottom Line know that this leave! New variables added to it now and test your system long before it is easier know... Hardware brands the fly programs can struggle with this paradigm a Creative Commons license but may not be as on! Passwords since they were first set up guidelines, helping them be smart and safe when data., employees with set guidelines, helping them be smart and safe when accessing data remotely online activities, as! Are used to periodic or regular remote work is nothing new the adoption... Vpn as a safeguard impacts of poor security practices. ] need to ensure your employees use device passwords are! No coworking spaces, coffee shops, or wherever the “ shift ”!: 5 best practices for leaders and it departments where you create that awareness might shift, but it s. Is as important as ever, you ca n't see a potential area a. Specific guidelines tailored to your company is using platforms that offer end-to-end encryption security. Inc. provides small businesses with innovative it solutions that embrace best practice and...