Many companies in Brisbane, Sydney, Australia and throughout the world are going through a rapid realignment of how their operations work due to the social distancing recommendations for COVID-19.
This means workers are being sent home and asked to work remotely for an unknown period of time. This also means changes in technology infrastructures that impact security and data connectivity.
Some companies are better positioned than others for this quick transition, such as those that already employ remote workers either part or full-time. But others aren’t prepared and don’t have a lot of time to plan for a smooth crossover to running their business remotely.
Perhaps the biggest concern is the data security of remote logins and cloud solutions. Once employees go beyond the confines of your office, how can you ensure all those remote connections aren’t risking a data breach?
63.5% of the ransomware attacks in Q1 2019 were done using Remote Desktop Protocol (RDP).
There are several strategies you can deploy to ensure that both devices and connections for employees working at home are properly secured.
How to Keep Remote Work Devices Secure
One of the first decisions a company needs to make when sending workers home due to coronavirus social distancing measures is whether they are going to take home their work desktops/laptops or connect to business apps and get email on their home computers.
Either way, those devices need to be secured, and network protections that may be in place at the office, won’t be protecting them when they’re in employee homes.
Here are some tactics you can use to secure remote work PCs.
Ensure a Strong Antivirus/Anti-Malware is Used
To prevent the risk of a ransomware or virus infection that can cause loss of business data, each employee device that is used to connect to company data should have a strong antivirus/anti-malware installed.
If your team uses Windows 10, then they’ve already got strong protections against ransomware and other threats, but they need to be activated in the system settings.
Continue Patches and Updates
Update management is of vital importance whether devices are in an office or in a home. Approximately 60% of all data breaches happen due to unpatched software vulnerabilities.
There are two ways you can approach this to ensure all remote devices are properly updated:
- Use an endpoint device manager, such as Microsoft Intune
- Use a managed IT services plan that includes remote patch/update management
Have Employees use a DNS Filter (Web Protection)
Web protection, also known as a DNS filter, helps protect against phishing attacks by blocking malicious URLs.
Phishing emails overwhelmingly use links to dangerous sites rather than file attachments to skirt past certain types of anti-malware programs. Using a DNS filter can keep an employee from injecting their device with malware even after they click on a dangerous link.
How to Keep Remote Connections Secure
The second part of security for employees working remotely from home is security of their internet connection. Home routers don’t typically have the safeguards that business-grade routers do, so additional precautions need to be taken to prevent a hack through that home network.
Have Employees Connect with a VPN
A virtual private network (VPN) that is designed for business use offers an encrypted connection that can keep workers safe even if they’re connecting from an unsecure Wi-Fi.
The VPN redirects the connection through their server, which has safeguards in place to do things like mask an employee’s home IP address, encrypt data being transmitted back and forth, and keep hackers from intercepting data even if they’ve managed to hack the router network.
Use a Guest Network to Silo Sensitive Devices
On a business network, there are far fewer devices considered “high risk” than there are on a home Wi-Fi network. For example, a child’s smartphone or a smart home speaker can be easier to hack and thus considered a “high risk” device.
You want to have employees separate those high-risk devices from computers and mobile devices that are used to access work data. This can be done by having a guest network set up on a router, which segments the two types of device groups – highly sensitive on one network and higher risk on another.
That separation keeps a hacker from getting to your work computer if they manage to hack into a smart device on the “high risk” network.
Use Two-Factor Authentication on Cloud Services
Credential theft is a popular tactic used by cyber criminals to access business could platforms, like G Suite or Office 365. Once they obtain a user login, they have access to files, emails, and the ability to send more phishing on your company account.
You can significantly increase the connection security for your cloud business apps by enabling two-factor authentication on all of them. This requires that a code sent to an approved employee device be entered to complete the login.
Get Remote Managed Security Set Up for Remote Employees
You can take the stress out of setting up security for remote employee devices by using a managed services plan from Connected Platforms. We offer remote tech support, remote monitoring, patch management, and much more.