6 tips to secure your IT assets when teleworking
August 31, 2020
As we all know, new generations of digitally savvy employees expect a very different work style. The term created to describe the new work reality is modern workplace. The workplace is now the location where you choose to work, not where you go to work.
The transition from office to remote work has been underway for some time, but that shift has been accelerated because of the COVID-19 pandemic. According to a recent Lenovo survey, in this changed era, 72% of companies have encouraged or required their employees to work remotely (1).
As this new way of working is likely here to stay, have you thought about the security of your data? Here are six easy actions to take to secure your modern workplace.
Cybersecurity challenges of working remotely
1. New risks of unauthorized access to PCs and data
First, review all of your open ports. An open port refers to an app that is listening and waiting for a connection. For example, let's say that your server, which holds your website, opens ports 80 and 443 by default and is waiting for visitors to connect to these ports so they can deliver your web pages.
Opening remote access ports for telecommuting has the potential to increase security risks. Ransomware looks for such open ports, especially when you or your company connect to the internet through public devices; usually from an RDP connection or from Remote Desktop. Be sure to close any unused ports and configure the firewall to limit remote traffic to known sources.
2. Educate employees on phishing attacks
Collaboration apps such as Teams and email will likely remain the primary means of communication for remote employees. This fact has not gone unnoticed by hackers who use topical emails as bait to trick people into clicking on malware links.
The message to employees that not all emails are as innocent as they seem needs to be reinforced. Companies should, as a minimum, insist that all employees working remotely use an anti-virus tool on any device that connects to the company network.
A good IT solutions and services partner can help you protect your environment, create backup copies, and above all, support you in training your employees in organizational cybersecurity. Do some phishing tests on your employees to see if they readily recognize such attempts.
3. The need to secure devices on potentially dangerous remote networks
In our article Top 6 Remote Work Tools, we ranked VPNs (virtual private networks) among the essential tools for teleworking. A VPN provides a secure, encrypted internet connection between work computers and company servers.
In other words, a VPN is used to prevent anyone from spying on an unprotected network. There is no doubt that a company wishing to improve the security of employees working from home must use a VPN. Check your VPN configuration and make sure that the sudden increase in traffic does not slow down performance or cause service interruptions.
4. Strengthen security factors for remote access
Add two-factor authentication (2FA) as an additional layer of protection. This requires confirming the connection to an application via two separate devices for authorized access. This ensures that you are the only person who can access your accounts and applications, even if someone else knows your password or controls one of your devices.
5. Make sure you have a data usage and backup policy
One of the main dangers of remote work is the same one as appears in the office – human error. Wherever they work, the people you work with will make mistakes. They can make a wrong click, send sensitive information to the wrong person, or turn off protections that get in their way. Most mistakes are unintentional, so consider implementing and keeping updated data use policies.
Also make sure that your data backup and recovery application (e.g., Acronis) is up to date. In the event of data loss or ransomware, you can then easily revert to the previous backup and recover your data without any delay or loss of information – and without having to pay a ransom.
6. IT requirements for providing support to remote workers
IT departments are under pressure right now as they have to deal with an increasing number of calls, but simply cannot be physically present to resolve issues. Wait and repair times are increasing and employees are growing impatient. Consequently, they may try to fix the situation on their own and thus cause greater damage, such as data loss.
If this scenario is familiar to you or is starting to play out in your company, we suggest that you act immediately to avoid having an overwhelmed IT department. Do not hesitate to call on a company that offers managed services. Temporarily hiring IT experts to provide managed services is a quick, affordable, and reliable solution that will enable you to meet your various IT needs and take control before the situation escalates.
IT security is a major issue for companies and this is even more true in the context of the modern workplace. Take the example of a ransomware attack. The damage far exceeds paying the ransom. Such an attack affects all your delivery and procurement times and puts your clients’ and employees’ confidential information at risk. Take the necessary action to protect your data and do not hesitate to call on specialists to assist you in whole or in part in your company’s IT security.
To assess the level of security of your working environment for you and your team members, call our team of experts and we will advise you on the best practices to implement. Let's talk about it!
1 Lenovo Study, march 2020
A new Microsoft subscription platform offers users attractive discounts
Microsoft has started transitioning all its customers to NCE (New Commerce Experience), a Microsoft services subscription platform that offers more flexibility and potential discounts for users of Microsoft 365 and other Microsoft services.
Managed IT Services: Why Outsource the Management of Your IT Infrastructure?
technological shifts can put a strain on companies that don't have the budget
or means for a dedicated IT department. Often,
these organizations have no idea where to start, how to catch up, or even how
to maintain their current IT assets securely. It's for this reason that managed
IT services exist.
No Meeting Day: A New Workplace Philosophy at Kezber
Are you familiar with "No Meeting Day," "Focus Time," and "DeZooming"? These on-trend approaches to the workweek aim to boost productivity and efficiency. At Kezber, we're all about the modern workplace, which is why we recently began to embrace these new philosophies.