6 tips to secure your IT assets when teleworking
August 31, 2020
As we all know, new generations of digitally savvy employees expect a very different work style. The term created to describe the new work reality is modern workplace. The workplace is now the location where you choose to work, not where you go to work.
The transition from office to remote work has been underway for some time, but that shift has been accelerated because of the COVID-19 pandemic. According to a recent Lenovo survey, in this changed era, 72% of companies have encouraged or required their employees to work remotely (1).
As this new way of working is likely here to stay, have you thought about the security of your data? Here are six easy actions to take to secure your modern workplace.
Cybersecurity challenges of working remotely
1. New risks of unauthorized access to PCs and data
First, review all of your open ports. An open port refers to an app that is listening and waiting for a connection. For example, let's say that your server, which holds your website, opens ports 80 and 443 by default and is waiting for visitors to connect to these ports so they can deliver your web pages.
Opening remote access ports for telecommuting has the potential to increase security risks. Ransomware looks for such open ports, especially when you or your company connect to the internet through public devices; usually from an RDP connection or from Remote Desktop. Be sure to close any unused ports and configure the firewall to limit remote traffic to known sources.
2. Educate employees on phishing attacks
Collaboration apps such as Teams and email will likely remain the primary means of communication for remote employees. This fact has not gone unnoticed by hackers who use topical emails as bait to trick people into clicking on malware links.
The message to employees that not all emails are as innocent as they seem needs to be reinforced. Companies should, as a minimum, insist that all employees working remotely use an anti-virus tool on any device that connects to the company network.
A good IT solutions and services partner can help you protect your environment, create backup copies, and above all, support you in training your employees in organizational cybersecurity. Do some phishing tests on your employees to see if they readily recognize such attempts.
3. The need to secure devices on potentially dangerous remote networks
In our article Top 6 Remote Work Tools, we ranked VPNs (virtual private networks) among the essential tools for teleworking. A VPN provides a secure, encrypted internet connection between work computers and company servers.
In other words, a VPN is used to prevent anyone from spying on an unprotected network. There is no doubt that a company wishing to improve the security of employees working from home must use a VPN. Check your VPN configuration and make sure that the sudden increase in traffic does not slow down performance or cause service interruptions.
4. Strengthen security factors for remote access
Add two-factor authentication (2FA) as an additional layer of protection. This requires confirming the connection to an application via two separate devices for authorized access. This ensures that you are the only person who can access your accounts and applications, even if someone else knows your password or controls one of your devices.
5. Make sure you have a data usage and backup policy
One of the main dangers of remote work is the same one as appears in the office – human error. Wherever they work, the people you work with will make mistakes. They can make a wrong click, send sensitive information to the wrong person, or turn off protections that get in their way. Most mistakes are unintentional, so consider implementing and keeping updated data use policies.
Also make sure that your data backup and recovery application (e.g., Acronis) is up to date. In the event of data loss or ransomware, you can then easily revert to the previous backup and recover your data without any delay or loss of information – and without having to pay a ransom.
6. IT requirements for providing support to remote workers
IT departments are under pressure right now as they have to deal with an increasing number of calls, but simply cannot be physically present to resolve issues. Wait and repair times are increasing and employees are growing impatient. Consequently, they may try to fix the situation on their own and thus cause greater damage, such as data loss.
If this scenario is familiar to you or is starting to play out in your company, we suggest that you act immediately to avoid having an overwhelmed IT department. Do not hesitate to call on a company that offers managed services. Temporarily hiring IT experts to provide managed services is a quick, affordable, and reliable solution that will enable you to meet your various IT needs and take control before the situation escalates.
IT security is a major issue for companies and this is even more true in the context of the modern workplace. Take the example of a ransomware attack. The damage far exceeds paying the ransom. Such an attack affects all your delivery and procurement times and puts your clients’ and employees’ confidential information at risk. Take the necessary action to protect your data and do not hesitate to call on specialists to assist you in whole or in part in your company’s IT security.
To assess the level of security of your working environment for you and your team members, call our team of experts and we will advise you on the best practices to implement. Let's talk about it!
1 Lenovo Study, march 2020
No Meeting Day: A New Workplace Philosophy at Kezber
Are you familiar with "No Meeting Day," "Focus Time," and "DeZooming"? These on-trend approaches to the workweek aim to boost productivity and efficiency. At Kezber, we're all about the modern workplace, which is why we recently began to embrace these new philosophies.
How to Cut Down on Time Spent Answering Emails
Nobody likes spending time organizing their email inboxes. “Email is one
of the tasks people complain about most. But the problem may not be the tool but with how we’re using it
COVID-Related Scams Are Targeting Your Employees
Cybercriminals know no shame. Through a variety of schemes that prey on your employees’ worst fears, bad actors are exploiting COVID-related anxieties and targeting vulnerable people.