8 Measures You Must Take to Protect Remote Workers
by Sean Curiel, on Apr 15, 2020 4:30:00 AM
Businesses must quickly adjust to government mandated stay-at-home orders that limit the spread of Coronavirus. This presents many new challenges, not the least of which is data security. Employees who are entering this remote workforce for the first time, far from the safety of their IT experts, are vulnerable to data being compromised through malicious websites, fake apps, ransomware, phishing schemes and more.
Cybercriminals are aware of this new weakness and making moves to exploit it. Action must be taken immediately to secure these network endpoints and keep businesses progressing despite this new environment. Today we look at 8 measures you must take to protect your remote workers.
- Enact Strict Policies
As personal and work-worlds collide, there may be an impulse to utilize every-day tools like Dropbox, Google Drive and local software too. But security concerns with the Zoom videoconferencing platform has generated controversy and reminded us that the IT administrators must make clear which tools have been vetted and authorized for official use. Technology outside of the sysadmin’s management ability cannot be accepted. Employees should sign-off on their understanding of the agreed upon security policy.
- Patch Everything
All operating systems, applications and communications technology must be updated with the current security patches. This includes software like web browsers, collaboration tools like Microsoft Teams and whatever platform is being used for videoconferencing. How are you keeping track of which devices have been updated? If you utilize a patch-management platform like ManageEngine, then require a system health be performed and passed before access is granted to the network.
- Use a VPN with Encryption
Making your endpoints less visible to hackers is critical to threat prevention. A Virtual Private Network (VPN) creates a secure point-to-point tunnel between the remote employee and the company network. Employees conveniently access resources in the same manner as if they were physically in the office. Should a mobile employee connect to exposed public WiFI, data is encrypted making it unusable even if intercepted.
- Require Multi-Factor Authentication
Even a strong password by today’s standards is not enough to secure your endpoints at the necessary level. Remote workers have to be able to provide multiple pieces of information to prove who they are. Asking a personalized question prior to the standard log-in can exponentially improve security.
- Establish a Security Response Plan
When a remote employee is threatened with ransomware or a data breach, the response from your technical team must be swift. Establish direct communication channels (dedicated email, phone line, etc) for remote workers to obtain technical support and to report issues. Build a clear action plan to prevent further damage, restore functionality and their critical data in the event of an attack. Leave nothing to question.
- Standardize on Antivirus
Employees may be tempted to protect their home systems in a variety of ways, but IT administrators must standardize upon and mandate a specific antivirus solution that can be centrally managed. In addition to preventing different forms of malware, antivirus can guard work systems against threats that arrive through various removable devices that employees may use.
- Monitor Backups Centrally
Critical data from remote employees may be kept in a variety of locations. Utilizing a centrally monitored backup solution like NovaBACKUP enables System Administrators to check on the status of backups and the health of their data from anywhere. Backup jobs can be automated to capture daily changes and stored to a dedicated server or even to a cloud location like NovaBACKUP Cloud, OneDrive or Azure.
- Provide New Education
With remote workers, communication is paramount. Employees must have a thorough understanding of how behavior at their remote location can drastically influence business data security. Provide education on what common security threats really look like and how they will gain a foothold into their system. Explain penetration testing and how the IT team utilize it to gauge the company's response to modern threats.
In a modern environment with dispersed workforce, protecting employees from threats like ransomware and data breach takes a little planning. Putting a comprehensive strategy in place not only creates physical security, but can also create a long term, positive mental shift that directly affects remote worker habits.