7 tips to help secure the mobile workforce

Karen O’Connor, general manager ICT services and solutions, Datapac, outlines the increased cyber risks associated with employees working from home and provides seven helpful tips for Irish businesses seeking to enhance the security of their remote working environment.

The modern workplace has changed significantly in recent years. Employees increasingly expect flexibility and mobility, and organisations must be agile and willing to adapt to retain and attract talent, while ensuring employees are well equipped for collaboration.
As demand for remote working grows, so too does the sophistication of cyber-attacks. Endpoint attacks in particular have been on the rise, bypassing an organisation’s network defences by targeting and infecting user devices with malware. When organisations face spikes in demand for remote working solutions, more devices are used to access the company network and so the risk of endpoint security breaches is significantly increased. Be it for regulation and compliance requirements or general business continuity, security measures should not be compromised on when workers move off-site.

Numerous factors can increase the risks facing organisations. This includes permitting employees to use unmanaged personal devices to connect to the company network, allowing employees to take home unencrypted devices from the relative security of the office and remote workers themselves bypassing email and web filtering solutions.
All of these conditions make it the ideal time for cybercriminals to ramp up the level of their attacks. In addition to softer security measures, cybercriminals know they can exploit the more relaxed and unguarded approach many people take to cybersecurity when at home and not in the office.
While mobile working poses new challenges for IT security, there are ways businesses can ensure that their remote working solution is as secure as possible. Here are seven helpful tips to help keep your mobile workforce protected as well as productive.

1. Encrypt devices wherever possible
When people are out of the office, there is often a greater risk of lost or stolen devices. Encryption helps protect the data on your device so it can only be accessed by people who have authorisation.

2. Ensure devices are up-to-date and fully protected
Go back to basics – ensure all devices, operating systems and software applications are up-to-date with the latest patches and versions. Make sure there is a reputable anti-virus endpoint solution installed on the device and it can update automatically from the remote location.

3. Create a secure connection back to the office
Use a Virtual Private Network (VPN) to connect home users to the office network. This ensures that all data transferred between the remote worker and the office network is encrypted and secured in transit.

4. Configure VPN access using principle of least privilege
Remote workers should only have access to what they need in order to do their job. Adhere to the principle of least privilege by limiting access rights for users to only the permissions they need to perform their work. All too often VPN’s are configured incorrectly, which can punch a hole right through the security defences of an organisation.

5. Avoid installing free VPN and remote access tools from the internet
It is very tempting to browse the internet and install a free remote solution from an unverified source. It is imperative that organisations do not do this. Unverified software often comes loaded with malware and unsuspecting companies could be granting remote access to their office network to more people than they intended.

6. Scan email and web traffic
As face-to-face working is reduced, it’s likely we will see a big increase in email and web traffic. Ensure that remote workers are protected by the same email and web filtering solutions as you have deployed on the office network.

7. User awareness and education training
Organisations should roll out user awareness training specifically targeted at remote workers. Most organisations will have delivered some user awareness training to its workforce but this training may not have included precautions specific to working remotely. Solution providers can deliver training initiatives such as a secure email phishing campaign remotely. This is a proven way to raise user awareness and reduce email security incidents.

While IT teams and businesses of all sizes are facing unprecedented challenges in mobilising workers on mass, there are ways to ensure that company security isn’t necessarily compromised. Datapac’s experienced and highly accredited network operations centre team provide support to many of Ireland’s leading organisations with the design and implementation of such measures, along with a range of remote working solutions specific to individual customer needs.

For more information on how to secure your remote working environment, contact us today.

register for upcoming events

Register for upcoming events

  • Datapac provides IT services to Glanbia
  • Datapac provides ICT infrastrure to Holfeld Plastics