11 Ways to Make Remote Work Safer
As the Covid-19 virus continues to spread, more companies will consider remote work as a way to keep their teams healthy and safe. But for many businesses, this will be their first experiment with remote work at scale — and they may not be ready for the cybersecurity issues that it brings.
Allowing employees to work from home does pose some additional risks, but there are some simple ways to make it practical, productive, and safe. Bear in mind that there’s no “one way” to implement a remote work program: The suggestions below can be combined according to your company’s budget and needs.
Invest in hardware…
If your organization has the means, consider investing in some affordable laptops rather than defaulting to a BYOD model. Your administrators will have much better control over security issues if they can configure and manage employees’ devices directly (and your accounting group may be able to turn that hardware initial investment into a substantial tax write-off).
…Or make BYOD safer
If you need to allow employees to use their own mobiles and laptops at home, help them secure those devices first by taking a hands-on approach. Schedule a “device checkup” with your IT group to make sure devices are scanned for malware, automatic software updates are enabled, antivirus software is installed and set to run regular scans, and screens are protected with passcodes. Depending on the laws in your jurisdiction (and your workplace culture), you may also consider asking employees to allow Mobile Device Management (MDM) on their personal devices.
Protect your network
Protecting your network should always be a top priority, but it’s even more important if you’re going to have staff working off-site. You should invest in a good firewall — the so-called “next gen” versions come loaded with advanced features like anti-malware scanning and DDOS protection. Be smart about network configuration and segmentation. Consider creating different networks and subnetworks in order to reduce the attack surface available to a bad actor in the event of a compromise, and look at setting up a DMZ as a way of providing a little extra distance (and an extra layer of packet inspection) between your network and the outside world.
Use RDP alternatives
Many companies look to Microsoft’s Remote Desktop Protocol (RDP) as a quick and easy way to let employees access their work desktops from home. However, RDP has had numerous security issues throughout the years, and is not really suitable for this purpose. Services like ConnectWise Control can provide the same functionality more safely, because they are self-hosted and operate from within your secure network. These tools can also be configured for additional security, with features like two-factor authentication and settings to prevent client machines from copying files.
Train your employees
Many data breaches and ransomware incidents can be traced back to an unwary employee clicking on a malicious link or downloading malware onto their computer. It’s imperative that you give your employees the training they need in order to avoid online threats. Topics to cover should include phishing awareness, safe downloads, business email compromise (BEC) attacks, social engineering, password safety, two-factor authentication, and WiFi security. Remember, a little knowledge goes a long way: A couple of webinars or “lunch and learn” sessions could greatly improve your company’s security posture.
Restrict data access
If you haven’t already done so, consider implementing a more restrictive data access policy. To put it bluntly, every employee doesn’t need to be able to access every file, and allowing your team free run of the company’s servers creates unnecessary risk even under normal circumstances. Many common business applications like Microsoft 365 Enterprise have built-in tools to grant or restrict permissions to different files, so use them!
Use cloud tools…
Cloud collaboration tools like Basecamp and Asana can make project management and remote work much easier, keeping members of distributed teams on track and in the loop. Storage and document sync tools like Dropbox Business and G Suite Enterprise are also popular ways to facilitate remote work. But these cloud tools also have another benefit: Their engineers take data security very seriously, and have implemented safeguards that can help make remote work more secure. Consider using one of these services to improve productivity and safety.
…Or make your own
Cloud collaboration services are excellent tools, but some IT managers worry about putting so much of their business in the hands of a third party. Additionally, these services may be untenable for smaller companies with limited budgets. If either of those sound like you, an attractive alternative is to set up self-hosted cloud storage using a tool like FileCloud. This provides greater in-house control over your data, while still allowing you to set up secure configurations that approximate the security of a third-party cloud service.
Mandate VPN use
One of the most serious remote work security challenges is the fact that employees will likely be using home WiFi networks or public WiFi. It should go without saying that these are potential cybersecurity risks, since you have no way of knowing if the network at your employee’s local coffee shop (or home office) is properly secured. If possible, remote workers should be required to use a VPN for all work-related functions.
Turn on 2FA
One “easy win” to make remote work safer is to enable two-factor authentication for all apps and services used by your team. This is really something that everyone should be doing already, because two-factor authentication protects employees — and employers — in the event that someone’s credentials are compromised: Without that second authentication factor, malicious actors aren’t able to use stolen passwords to access an account or network.
Make it easy
It’s one thing to make a list of requirements for a remote work security policy, but it’s another to enforce compliance. For this reason, it’s important to give remote workers tools that help them do the right thing. To offer one example, enterprise versions of password managers are very affordable, and they also take all the hassle out of creating and remembering strong, unique passwords. Not sure what to buy? Talk to your team about which parts of the security policy cause them the most headaches. Then seek out apps and services that will make their lives easier — and boost compliance.
Remote work has many benefits, both for employees and for companies. And although it does carry some additional risks, these are manageable if you take a few sensible precautions. Using a suitable combination of the strategies outlined above can help you set up a remote work program quickly, safely, and cost-effectively. If you have questions about setting up a Mac for remote work, drop us a line at Security@SecureMac.com, we’ll be happy to help!