Mobility, telecommuting and collaborative work are practices that are developing in companies.
Sometimes chosen, sometimes imposed as in certain health periods such as Covid-19; forms of telework have become a major challenge for the activities of companies.
But with any advantage there are drawbacks. This permanent accessibility is exemplified by the acronym ATAWAD (anywhere, anytime, any device), which naturally has a flip side. In fact, it induces a permanent need for data accessibility, which raises important security issues.
Telecommuting is therefore a source of new challenges not only for IT managers, but also for all employees in a company. The implementation of good security practices related to this new trend is therefore essential.
As always, prevention is better than treatment… So here is a set of essential measures to apply, both for the efficiency of your telecommuting and the security of your business!
Good Practices to Adopt
Any implementation of effective measures logically starts with a thorough assessment of the situation.
Ask yourself the right questions: Are your team’s computers well protected by secure passwords? Is the communication channel for your sales representatives secure? Is your data encrypted?
Don’t neglect any aspect, it’s in times like these that attacks are most frequent and violent, as companies’ security is weakened. Requests for assistance related to cyber-attacks have increased by an average of 400% during the coronavirus period.
Once this quick checkup is done, take the appropriate measures. First of all, remember to encrypt your data. It is a simple and effective way to protect your company’s secrets by making them unusable in case of theft.
Update your antivirus and all of your software. An old or poorly secured version is a real treat for hackers.
Also pay attention to third-party hardware. USB keys, and even mobile charging cables. Recently, hacking has been taking place via this channel. Favour the equipment that you usually use in your company, or that is provided.
Also remember to back up your data. Store all of your important information on dedicated servers. This will help you prevent their loss in case of Ransomwares or computer problems.
After these fairly technical measures have been put in place, a number of more pragmatic steps need to be taken.
The first recommendation is, whenever possible, not to mix professional and personal activities on the same device. Combining the two on the same machine, even outside working hours, greatly increases the potential for data theft and phishing.
It is therefore imperative that you are extremely vigilant with the emails you receive. Limit or even avoid as much as possible opening attachments or mail from unknown people. The risk of email scams from people in your company is also possible, so don’t hesitate to check with the person by making a phone call.
In addition to telecommuting, there is the trend of BYOD (bring your own device). It consists of allowing your employees to work with their private equipment (computers, telephones, etc.).
This initiative, which often originated with employees, has become commonplace today. Sometimes the employer does not even know that their employees use their own equipment for work. To save time, many of them synchronise their mailboxes or calendars to their home phones. Increase your vigilance by making an inventory of the situation.
It is then necessary to provide training or feedback on the procedures to be followed in case of problems. This is often lacking. In fact, in most cases, it is ill-informed employees who are responsible for infiltration within the company.
Finally, remember to lock your screen when you are not using your computer. A simple keyboard shortcut like Windows + L is enough to protect yourself.
As said before, prevention is better than a cure. Anticipate that some problems may arise. This will allow you to be prepared to react as quickly as possible if these occur.
In order to limit them, however, adopt the measures mentioned above, and consider adding a restriction to all of your company’s sensitive documents or access, even if it means setting up temporary, renewable access.
Whether it’s telecommuting or the BYOD trend, companies must therefore attach more importance to data security. Indeed, a simple mistake on the part of an employee can have serious consequences for a company.
Securing your Data in the Cloud
Cloud technology allows you to work from home by increasing the level of security. When it comes to professional purposes, employees must be vigilant regarding the criticality of data shared or recorded with third parties (customers, partners, shareholders, etc.).
As several storage configurations are possible, several solutions are possible. First of all, if you have your own datacenters or computer rooms (“on premise” data) you will have to configure secure access yourself: HTTPS – VPN. Finally, if you go through a cloud expert, or the public cloud, ask your provider to set up this VPN.
Accessing your data through the cloud allows you to offer your employees better security. This avoids a material investment and prevents data loss. This allows you to work in a more secure way with, as only requirement, to access the internet via a VPN. However, pay attention to the type of Wi-Fi network you are connecting to (free coffee hub spots, etc.).
As you have understood, it is important to mobilise your entire company in the security process. Don’t give any gifts, if someone wants to get into your system, they won’t give you any either…
Current events lead us all to extend or even to make the practice of telecommuting more widespread, for all or for some of our teams. If needed, we can assist you in setting up secure telework (O365, SSl links, etc.).