A Guide to IT Security for Remote Working
Reading time: 5 minutes
As we settle into the post-COVID world, we’re having to get used to new realities that are affecting the way we work. Not everyone may be keen on the idea – members of the Government have repeatedly voiced their disapproval – but one major change that does seem to be here to stay is remote working.
With that comes a number of challenges for businesses letting their employees work from home, not least being how they can keep a measure of control over aspects of IT security. This month, we’re taking a look at five key ways you can help your employees with their remote working IT security.
Passwords continue to be one of the major weak points in company IT security, and when your employees are working from home, it can be hard to ensure good practice. Basically, when you’re not there to keep an eye on them, people are likely to resort to writing passwords or reminders onto sticky notes attached to their laptops, in order to avoid having to remember passwords that are made up of a bewildering combination of upper and lower case letters, numerals and special characters.
We all know that passwords shouldn’t be based on personal information that can be easily traced via social media, and we should also be aware that different passwords for different accounts are also advised. So how can companies help their employees to follow guidelines?
Password managers can both create strong passwords and then keep them secure while being easily accessible from a number of devices. With just the one password needed to access them – an extremely secure one, naturally! – they reduce the onus on employees to manage and remember multiple passwords.
Once you’ve got a good password manager in place, backing it up with multi-factor authentication adds another useful layer of remote working security. That means that each time your employee logs in, a code that allows them to go to the next stage is sent to their registered email address or phone number.
It may feel like a drag having to wait for a code to get on with your job when you just want to get on with things, but it is a remarkably useful and effective process – that’s why it’s becoming an increasingly common tool used by major companies, especially banks.
Keep computers for work
When you’ve been equipped with a brand new, state-of-the-art laptop for working from home, the temptation can be to let other members of the family use it when you’ve finished for the day. After all, what harm can come from letting the kids borrow it for some online gaming so they can make good use of its faster speeds and improved graphics that are far far better than the older, cheaper model they’ve previously had to make do with?
Well, actually, quite a lot! You may know that you shouldn’t click on any links you’re not 100% sure are safe, but can you be equally sure that no one else in your house will? Don’t take chances with your company’s security and data, keep your company hardware for company use only.
When everyone’s working in the office, you know they’re all on the same network and that they can sit safely behind a secure firewall. Things are different out in the wider world, with everyone working on different WiFi networks, sometimes even catching up on emails and the like while out and about, maybe even working while having a coffee in their local cafe.
A virtual private network (VPN) can encrypt internet traffic and protect your identity under such circumstances, meaning that potential hackers can’t get their hands on your data – at least, not in any way that they could make use of. It also allows for the secure transfer of data, so that no matter where you are, you can access company files and information without putting your company’s security at risk.
We may think we’re aware of the dangers of email phishing, but those who use it to access others’ data are developing increasingly sophisticated ways of fooling us and encouraging us to click on those links and downloads that can do so much damage. A recent survey revealed that 66% of surveyed organisations had fallen victim to a successful phishing attack, with 30% suffering from a malware infection as a direct result.
Regular training and regular reminders of best practice should be one of the most important things you introduce – we all know how things can easily slip over time and how easily we can become complacent when everything is going smoothly. Making sure that awareness of the dangers of phishing stays at the forefront of your employees’ minds should therefore also be at the forefront of your own mind.
If you’re unsure of the best way to protect your company data and maintain the highest possible levels of IT security while your employees are working from home, talk to the experts at Pickl. We can provide effective IT consultancy to identify where your business or organisation is vulnerable and help you close the gaps in your security system.
Contact us today to find out more and let us help you keep IT simple.