We are in this together.
We can’t say that enough. It’s not you, and I, but US.
Information technology and communications providers, amongst many others are considered essential services in this unprecedented time, and we take our role seriously. We are here to help, and we ask you (no, implore you) to reach out with any technology-related questions as you work to transition from a central office to a remote employee environment.
As you have transitioned for remote work environments, many of which will need to be done by the individual who will be working there, we developed this list of 8 things to keep in mind to secure a remote work environment on the fly.
Invest in antivirus software for all employee devices
Yes, technically it is your employee’s devices and these are usually outside of the typical IT circle. But with these circumstances coming about quickly, there may not have been time to follow your normal procurement cycle to get the specific equipment your employees need to remain productive while working from home. That means they will be working from their own device, and they may or may not be as cognisant of your security measures. So a good rule of thumb is to work to ensure that all employees utilise antivirus software. Many ISPs (internet service providers) also offer free antivirus software with their service, and we would encourage you to take full advantage. There are several ways you can handle this and we invite you to give us a call to see what will work best for your organisation.
Consider VPN Security
A VPN is a virtual private network that can provide additional levels of security than the ordinary world wide web. What is my IP address shares a great, succinct explanation of VPN:
● A VPN is a service that you sign up for online for a small monthly charge
● Once you have an account, your VPN service should be “on” when you’re online
● A VPN, in action, takes your Internet connection and makes it more secure, helps you stay anonymous and helps you get around blocks and access censored sites.
● The key to a VPN is that it lends you a temporary IP address and hides your true IP address from every website or email you connect with
Provide Support for setting up a secure home network
Here is where we come in. During this time, invite your staff to reach out to us directly to help your employees troubleshoot any challenges they may have when setting up their home network and effectively securing it. To maintain consistency, as well, it may be in your best interest to provide standard routers and equipment (if feasible) to all of your newly remote employees so you can ensure that all users are utilising the same technology and security protocols.
Train Employees on Effective Physical Security Measures Brian Stark, general manager of North America at smanos, a smart home and DIY security company told Business News Daily that, “Home offices often contain expensive equipment or even physical files or documents that contain sensitive information, so it’s imperative to explore security options. While it’s not possible for all home offices to have a scan-to-enter system or a security guard, it’s important to add whatever elements of traditional physical security you can.”
Just being aware of your physical surroundings can be critical in maintaining physical security. And another rarely thought of aspect to securing a home office is family. While they may not have malicious intent in mind, files can accidentally be deleted, or accidental e-mails sent. So, encourage your employees to keep family off of their devices, especially unsupervised.
Clearly and regularly communicate company policies
You have clear rules for technology inside of the office, so you should also have specific policies for home offices. While you can’t police as strictly as you could within the office, you should still develop a specific list of requirements your employees should follow such as:
● Regular scanning of the device for malware and viruses.
● Timed screensaver automatically locking down the desktop if away for a certain amount of time.
● Hours the employee is expected to be available.
● Allowed business communications platforms, such as Microsoft Teams, Zoom etc.
In addition, you also need to clearly communicate to your employees the reporting process and requirements if they do find themselves infected with a virus or malware so that you can react proactively to any potential threat.
Use a centralised storage solution
If you haven’t already, you will want to decide on a centralized storage solution. Whether you chose a cloud solution or an on-premise solution, now that your employees are working outside of the office, having a centralised storage solution can ensure you retain access to any and all of your employees’ work product. Andrew Hay, chief information security officer at DataGravity, explains the importance of this with Business News Daily, stating that “Ensuring that sensitive data is stored and protected centrally is always a good course of action. This allows central management and control of all aspects of the data, such as ownership, access, availability, security, etc., with a reduced chance of duplicate copies residing in places beyond the reach of the organization, such as on a personal laptop, mobile device or cloud environment.”
And, in the event that an employee needs to be let go, you can ensure access to the items that the employee was personally responsible for.
Enforce reasonable session time-outs for sensitive programs or applications.
Employees step away from their desks. It happens. Bathroom breaks, to grab another glass of water or lunch. The essential cup of coffee. But timing-out within seconds of inactivity can lead to frustration as workers must keep reloading programs. A session time-out is a necessary security process, as not everyone always remembers to log out at the end of the day, but be sure that you set the time-out for a reasonable amount of time.
Limit program/file access to only the areas absolutely needed by that employee.
Now is the perfect time to evaluate who has access to what programs and files. You might find that some who had access did not necessarily need it or use it, and that license can be moved to another. With many software solutions being subscription-based, this could end up being a cost-saving measure in these unique times.
Reserve the right to terminate employee access at any moment.
Unfortunately, there are times that employees need to be let go or events where an unauthorised individual gains access to their physical device. If you notice suspicious activity on a particular employee’s account, don’t hesitate to turn it off, even before speaking with the employee.
Moving forward in this temporary new normal
Our worlds have been turned upside down by the events that have taken place these last few months and we all are working to pivot and find our feet in this new normal. We are all in this together, and together we can secure your future for when this current time is over. What was once considered normal, may not be normal tomorrow.