It feels like we’ve entered a different world. The shift to remote work is here to stay for much longer than we originally thought, and the biggest item that many businesses have not properly addressed is cybersecurity protection!
Millions of people had to adjust to remote work for the first time ever in early 2020. Two years later, and we still see that remote work is not only here to stay, but growing.
While there are many benefits to remote work for both employers and employees (greater productivity, happier workers), there are also lots of pitfalls to watch out for.
If organizations are going to survive running their business from living rooms or home offices, it’s going to require a lot of cyber security vigilance from both employees and IT teams - preferably a team who has deep cyber security expertise in hybrid and remote working.
So let’s start with the 5 top things you need to do secure your remote workers and your business data!
The 5 Top Tips for Securing Your Remote Workers and Data
1. Know where you're saving your data.
When you’re in your office on your work PC, you don’t think much about hitting “Save” on your current document and moving on.
Your IT guys likely configured your computer a long time ago, and all of your work typically goes to a secure drive that has been set up for your department or company.
Note: Hopefully you are NOT saving all your files on your desktop. Sure, that's the easiest thing to do but it's putting your data at risk. If your PC crashes or gets infected with a virus, all is lost. In most cases those files and folders are not backed up.
If you’re working on a personal laptop or a different mobile device these days, you need to be aware of where your files are being saved.
Maybe you’re using a VPN to connect to a server at the office where data is securely stored.
If you’re an Microsoft Office 365 user, you should be aware of the benefits of Microsoft OneDrive.
Whatever solution you had in place when you were all in the office, take a minute to figure out how to save your files where they really need to go.
You may need to talk to your IT provider to configure your VPN or OneDrive settings properly, but this is time well spent!
2. Use Multi-Factor Authentication (MFA) everywhere.
There’s no getting around it anymore, you must use Multi-Factor Authentication (MFA) anywhere and everywhere you can.
From Facebook, to your online bank, to Microsoft Office 365, every login needs to require a second form of authentication, usually through a text or email, to verify your identity.
This way, even if your account information is stolen, the cyber thieves still won’t be able to access your data.
MFA is the absolute best option to keep your accounts and data safe.
3. Keep your operating system and all software up to date.
We’re all getting so used to automatic updates on our phones and tablets, it’s easy to forget that if you haven’t previously configured it, your computer may still be relying on manual updates.
No matter which operating system you’re using, you need to ensure that updates are being processed automatically. Like everything else mentioned here, this will take a minute to configure, but once it’s done, you can move on knowing that you’ve protected your machine.
As for software, each piece of 3rd party software will be a bit different, but part of the beauty of cloud-based software such as Office 365, Adobe Creative Cloud, and QuickBooks Online is the automatic update feature that is enabled by default!
Be sure to check the settings for any locally installed software and enable automatic updates, or check with your IT team or IT service provider.
4. Understand your camera and microphone settings.
We're all doing a lot more video conferencing these days, and without some pre-configuration of your meeting software, you could accidentally share sights, sounds, or screens that are best left private.
Whether it's Zoom, Teams, or another app, take some time to configure screen share, audio, and video settings. Also, make sure to end every meeting and close out of the software before you move on to your next task.
Be sure that your employees are well-trained on whatever collaboration platform you've chosen. Learn the basics, like how to mute, screen share, and use the chat functionality.
You'd be surprised at how many people still mess this up, causing meetings to go less smoothly then you would like.
5. Be mindful of phishing attempts.
Phishing attempts have risen dramatically. Cofense has a great article discussing the alarming growth of phishing attempts since the coronavirus forced us all into our homes.
You may think, 'Well, all of our employees are well aware of the dangers of clicking on links in emails."
Unfortunately, statistics still show that a large percentage of users are still clicking on these links, as scammers become more and more sophisticated.
Now that we're all remote, the use of shared drives such as SharePoint, OneDrive, Google Drive, etc are getting much more use.
However, because users tend to trust links to those sites, attackers are increasingly use cloud filesharing services as part of their schemes.
Some things to look for when you suspect any email to be a phishing attempt:
- Misspellings in the email address
- Non-matching URL displayed when hovering over a link
- Grammatical errors
- Links to shared documents that make you think, "Now why would I need that?" or "Why is Mary from Finance sharing this doc with me...". If in doubt, email or call the sender to find out!
An Ounce of IT Security Prevention is Worth a Pound of Cure
While some companies were prepared to work from home, many others were forced very quickly to have everyone working form home.
Be sure to go through the simple steps we listed above, and stay alert of new phishing email trends as they come up.
Data security is always important, but now that we’re all remote, it means employees must be more vigilant than ever.
For a good summary, be sure to download our guide below, "The Basics of Securing Your Remote Data" and share with your team!