By Alan Hayward, Sales and Marketing Manager at SEH Technology UK
With the UK government announcing its roadmap out of lockdown, businesses need to start thinking about how they will handle the transition to re-open offices. Normal working patterns have fundamentally changed by the pandemic, with employees also expressing a preference to continue working from home in the longer term. Fortunately, digital technologies can ensure that people can continue completing their regular duties from home. That being said, remote working comes with its risks, mainly in the form of cybersecurity threats. Cyber hackers are on the hunt for network vulnerabilities and opportunities to exploit valuable data, which not only puts employees’ own privacy at risk, but could result in company security breaches too.
Most employees are able to work from their home, where they can secure their Wi-Fi, but others may use unsecured public Wi-Fi networks. This could create opportunities to breach the network, track internet traffic and potentially collect confidential data. It’s also important for businesses to consider the personal devices that their employees are using at home. These will often lack the same level of security tools built into corporate machines, increasing the risk of malware finding its way onto devices, leading to information or data leaks.
Coronavirus-themed phishing scams and hacking campaigns are also becoming more popular with cybercriminals, leveraging fear and taking advantage of workplace disruptions. The timeline of which we can expect to transition out of lockdown is still unclear, meaning organisations and employees need to continue pursuing factors that will help them remain safe and productive when working from home.
Implementing firewalls and antivirus software
To prevent threats entering the network, businesses can consider building firewalls which creates a barrier between employees devices and the internet with closed ports of communication. An employee’s device will usually have a built-in firewall, but it’s vital to ensure that it is enabled when they are working at home. For added protection, there are plenty of other third-party firewalls available too. Businesses can also install antivirus software as the next line of defense, as it detects and removes any known malware from the employee’s computer system. Not only does this software eliminate the virus, but it also prevents any potential threats from infecting employee’s devices in the future.
Updating devices and data back-ups
You would be forgiven for thinking that updates to device software are often time consuming or tiresome, but they are really important when employees are working remotely. These updates will often include patches for security vulnerabilities that have been discovered since the last version of the software was installed. When working from home, employees should also ensure their data is backed up. Data can easily be lost due to human error, hardware failure or cyberattack, but ensuring that their data is backed up either in the cloud or external device will ensure peace of mind and help them stay productive.
Managing access to corporate systems
Businesses can also use Virtual Private Networks (VPNs) to allow remote employees to access IT resources securely, including email or file services. VPNs create an encrypted network connection that authenticates the user or devices, and secures data in transit between the employee at home and the organisation’s services. In addition to enhancing security, VPNs also allow for better performance and efficiency of the network. If the organisation is already using a VPN, it needs to check that it is fully patched. It may also require additional licenses or bandwidth due to the increased number of employees working from home.
Securing removable media
USB dongles can easily be misplaced or lost by employees, which is a huge problem when they contain valuable amounts of sensitive data. These dongles may also be openly shared amongst remote workers, making it more difficult to track what they contain, where they’ve been, and who has used them. Dongle servers are a popular choice as they allow USB devices to become available over a network. This means copy-protected software can be used as normal, but users don’t need to connect the license dongles directly to their client, minimising the risk of data breaches and attacks on the organisation’s network.
Planning for the ‘new normal’
With some employees stating they would prefer to continue working from home, or are apprehensive to return to the office post-COVID-19, businesses need to take action and manage the cybersecurity risks that are associated from remote working. It’s important for organisations to access the risks that emerge from their employees working from home and remotely accessing the network. The resulting cybersecurity policies should determine the processes that need to be put in place to minimise the risk of attacks or data breaches. In addition to the precautionary security measures, employees should be trained regarding the use of their devices when working remotely. This will include secure storage and management of user credentials or passwords and how to report a cybersecurity incident, as well as building an awareness of the risks and the ways that they can be prevented.