Businesses should still work from home unless they’re unable to, and should maintain social distancing from others. We’ve got some advice to help you make adjustments to keep trading where possible. In this article you will find some tips for allowing your team to work online.
Working from home
Changing the location or type of device you access your business systems from may bypass some of your regular security controls. If your business has work you can do from home, we’ve developed some tips on how to enable your staff to do that securely.
1. Enabling staff to work remotely:
Letting your employees work from home gives them more flexibility and can be a useful tool in your business continuity plan. Unfortunately, it isn’t necessarily as safe for the services and data you’re accessing remotely.
Working remotely can feel overwhelming if this is something you and your staff are not used to. This quick reference guide walks you through the important steps of setting this up securely. It will help you think about how the business will operate, including helping staff manage their time and set up their remote working space.
- Make a list of all the important systems your staff need to access in order to carry out minimal business functions. To get started, add your email, team chat and communications, and document storage systems.
- Note where those systems can be accessed from. Are they accessed only from within your work office, or can they be accessed from anywhere on the internet (cloud software)?
- Designate someone as the go-to person to call when there is an incident. Your staff might be used to getting help in person, or having an IT provider they can call. Make it clear who this go-to person is and share their contact information with the team.
- Pick and configure remote access software that connects your staff to your office network, like a VPN. Avoid using remote access software that only connects to a user’s computer at the office. This will be difficult to manage and will make it hard to control if there is an incident.
- Configure the VPN to require two-factor authentication for every user. This is a must-do for every account. This software allows anyone to pretend they are in your office network. It needs to be protected.
- Review the VPN throughput and consider if it is enough for your staff. Consider the types of files and sizes they work with. Staff will have to do some work on their local machines, but there will be periods of high traffic which means slower connections.
- Configure VPN logging and check the logs once a week. You want to monitor who is using this digital front door to your office. Configure logs and review them at least once a week to make sure all the traffic appears to be legitimate.
- If you have important cloud systems:
  - Check that two-factor authentication is configured for all accounts. Access to these systems is as important as ever. Protect them from unauthorised access by requiring two-factor authentication.
  - Check that access logs are configured for all systems. You should review these logs to make sure all access still appears appropriate.
- Set long, strong, unique passwords to access the VPN.
- Back up any documents they are working on locally (on their device) to the office network or document storage systems. That way you don’t have to worry about losing these documents if you lose or break the device.
- Check in with your team regularly (at least daily). Having regular check-ins will let you know how your staff are doing and if the remote setup is working. It also makes it easier to raise any IT questions or concerns.
- Keep any devices or data with you when you are in public spaces. If these devices are at home, it is good to keep up the practice of locking your devices when you are
- Set a long, strong, unique password to unlock any devices.
- Configure devices to download and install software updates automatically. Setting this to happen automatically means you don’t have to worry about it.
- Configure built-in operating system antivirus and hard-drive encryption software. Microsoft and Apple build this into their operating systems.
- Configure automatic device backups. Although your staff are doing regular uploads of documents back to the network, this is an extra, automatic control for peace of mind.
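The weekly VPN log review described in the list above can be partly automated. The following is an added example, not part of the original article: it assumes a constructed CSV export with the columns shown (real VPN products use their own log formats), a hypothetical staff list and an assumed failure threshold.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export; adapt the column names to your VPN's real log format.
SAMPLE_LOG = """timestamp,user,source_ip,result,second_factor
2020-04-06T08:58:12,alice,203.0.113.10,success,yes
2020-04-06T09:03:40,bob,198.51.100.7,success,yes
2020-04-07T02:14:05,bob,192.0.2.55,failure,no
2020-04-07T02:14:09,bob,192.0.2.55,failure,no
2020-04-07T02:14:15,bob,192.0.2.55,failure,no
2020-04-07T02:15:01,bob,192.0.2.55,success,no
2020-04-08T10:20:33,carol,203.0.113.99,success,yes
"""

STAFF = {"alice", "bob"}  # assumption: accounts that should be using the VPN
MAX_FAILURES = 3          # assumption: failed logins per user and source IP

def review_vpn_log(text, staff=STAFF, max_failures=MAX_FAILURES):
    """Return a sorted list of (user, reason) findings worth a closer look."""
    findings = set()
    failures = defaultdict(int)
    for row in csv.DictReader(io.StringIO(text)):
        user, ip = row["user"], row["source_ip"]
        # Anyone connecting who is not a current staff member.
        if user not in staff:
            findings.add((user, "account not on staff list"))
        if row["result"] == "failure":
            # Repeated failures from one address suggest password guessing.
            failures[(user, ip)] += 1
            if failures[(user, ip)] >= max_failures:
                findings.add((user, f"{max_failures}+ failed logins from {ip}"))
        elif row["second_factor"] != "yes":
            # A successful login that skipped two-factor authentication.
            findings.add((user, f"login without two-factor from {ip}"))
    return sorted(findings)

if __name__ == "__main__":
    for user, reason in review_vpn_log(SAMPLE_LOG):
        print(f"{user}: {reason}")
```

Each finding is a prompt to check with the staff member concerned, not proof of an incident.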
Some of your security measures in place at your workplace won’t protect you if you’re using different devices, networks or systems from another location. These include security measures such as web filtering, firewalls and data encryption. Before you open up access to your data and confidential information, consider how to implement other measures to cover those same risks.
Allowing your employees to work remotely can be a useful tool in your business continuity plan. Like all aspects of emergency plans, make sure your staff test it before they need to use it.
Below is a list of recommended security measures. Refer to your cyber security policy to know which kind of security measures will work for you.
Your staff will need mobile devices like laptops in order to work remotely. If you don’t currently provide them with mobile devices, you will need to consider whether you will offer them one or let them use their own. If you offer them one, you have more control over the security of the device and can implement these measures:
- Configure the device to apply patches as they are available so it can stay up-to-date.
- Only allow certain programs to be downloaded and block known bad software.
- Configure regular backups.
- Configure hard-drive encryption.
Apple has a free hard-drive encryption tool for all users called FileVault. Microsoft offers a tool called BitLocker, which is free with several licences of Windows 10.
- FileVault for Mac
- BitLocker for Windows
If you can’t afford to offer a company device to each staff member, prioritise giving devices to staff members who access more sensitive systems first.
If employees can use their own laptop, consider what rules you would like to put in place before they can access company systems. For example, you may tell them they need to:
- keep their operating system up-to-date
- use hard-drive encryption and a strong password to unlock it
- upload any documents they have saved locally to the network, and
- run their antivirus software regularly (and keep that up-to-date as well).
Accessing business systems
Remote access software
You will need to use remote access software, like a virtual private network (VPN), to connect to your organisation’s network. This creates an encrypted tunnel between your computer and your work’s network protecting the files and data you’re accessing from your home network. See our advice on which remote access software will work best for your needs.
Strong passwords are the first line of defence in systems that are accessible on the internet. Reinforce to staff the importance of keeping passwords unique and long for every system and device.
Enable two-factor authentication
Systems that require access from the internet, particularly important ones such as work-related systems, email or messaging apps, need to be protected. Enabling two-factor authentication makes sure that attackers can’t get in if they’ve guessed your password or stolen your credentials. Make it mandatory when accessing away from the network.
- Using 2FA to secure your business
Advise your staff to use their home internet network for accessing business networks and systems. Not all WiFi and internet networks are secured in the same way. The best way to stay safe is to use the one that they have set up at home.
Travelling to and from destinations introduces security risks. Make sure work devices are encrypted. Encrypting the hard drive of your device adds an extra layer of security should it be lost or stolen. The password to unlock the device should be strong and unique.
If they need to work out and about, consider offering a privacy screen to these staff which makes shoulder surfing a lot harder. When having a phone call, check who’s within hearing range and avoid talking about confidential information. Don’t leave your devices unattended when you are in public spaces. When you leave it unattended at work or at home, make sure to lock it.
If they lose their device, be sure they have an easy way to contact you or your IT provider. Mistakes happen, and it’s better to know immediately so the impact can be managed.
When your staff members are located across multiple locations, being able to easily communicate with your team and others is essential. Look for options that have end-to-end encryption before choosing a tool to use. This applies to both your messaging options and any video conferencing you need to use for meetings. If the system you use doesn’t offer this, consider changing it or make sure everyone knows to avoid sharing or talking about sensitive information. This is any information you wouldn’t want made public.
Sometimes people working from home may want to be a little more flexible in their working hours due to childcare arrangements, family needs, and personal appointments. Make sure there is someone they can contact if they need IT support, especially if they need to report an incident.
When you’ve got a moment, record these remote working decisions into a policy. This can be the go-to place for staff to understand how your organisation operates remotely. It’s also a good time to remind staff of any other related policies you have.
Indian Cyber Army | Make IT Secure