7 tips to help secure the mobile workforce
Karen O’Connor, general manager ICT services and solutions, Datapac, outlines the increased cyber risks associated with employees working from home and provides seven helpful tips for Irish businesses seeking to enhance the security of their remote working environment.
The modern workplace has changed significantly in recent years. Employees increasingly expect flexibility and mobility, and organisations must be agile and willing to adapt to retain and attract talent, while ensuring employees are well equipped for collaboration.
As demand for remote working grows, so too does the sophistication of cyber-attacks. Endpoint attacks in particular have been on the rise, bypassing an organisation’s network defences by targeting and infecting user devices with malware. When organisations face spikes in demand for remote working solutions, more devices are used to access the company network and so the risk of endpoint security breaches is significantly increased. Be it for regulation and compliance requirements or general business continuity, security measures should not be compromised on when workers move off-site.
Numerous factors can increase the risks facing organisations. This includes permitting employees to use unmanaged personal devices to connect to the company network, allowing employees to take home unencrypted devices from the relative security of the office and remote workers themselves bypassing email and web filtering solutions.
All of these conditions make it the ideal time for cybercriminals to ramp up the level of their attacks. In addition to softer security measures, cybercriminals know they can exploit the more relaxed and unguarded approach many people take to cybersecurity when at home and not in the office.
While mobile working poses new challenges for IT security, there are ways businesses can ensure that their remote working solution is as secure as possible. Here are seven helpful tips to help keep your mobile workforce protected as well as productive.
1. Encrypt devices wherever possible
When people are out of the office, there is often a greater risk of lost or stolen devices. Encryption helps protect the data on your device so it can only be accessed by people who have authorisation.
2. Ensure devices are up-to-date and fully protected
Go back to basics – ensure all devices, operating systems and software applications are up-to-date with the latest patches and versions. Make sure there is a reputable anti-virus endpoint solution installed on the device and it can update automatically from the remote location.
3. Create a secure connection back to the office
Use a Virtual Private Network (VPN) to connect home users to the office network. This ensures that all data transferred between the remote worker and the office network is encrypted and secured in transit.
4. Configure VPN access using principle of least privilege
Remote workers should only have access to what they need in order to do their job. Adhere to the principle of least privilege by limiting access rights for users to only the permissions they need to perform their work. All too often VPN’s are configured incorrectly, which can punch a hole right through the security defences of an organisation.
5. Avoid installing free VPN and remote access tools from the internet
It is very tempting to browse the internet and install a free remote solution from an unverified source. It is imperative that organisations do not do this. Unverified software often comes loaded with malware and unsuspecting companies could be granting remote access to their office network to more people than they intended.
6. Scan email and web traffic
As face-to-face working is reduced, it’s likely we will see a big increase in email and web traffic. Ensure that remote workers are protected by the same email and web filtering solutions as you have deployed on the office network.
7. User awareness and education training
Organisations should roll out user awareness training specifically targeted at remote workers. Most organisations will have delivered some user awareness training to its workforce but this training may not have included precautions specific to working remotely. Solution providers can deliver training initiatives such as a secure email phishing campaign remotely. This is a proven way to raise user awareness and reduce email security incidents.
While IT teams and businesses of all sizes are facing unprecedented challenges in mobilising workers on mass, there are ways to ensure that company security isn’t necessarily compromised. Datapac’s experienced and highly accredited network operations centre team provide support to many of Ireland’s leading organisations with the design and implementation of such measures, along with a range of remote working solutions specific to individual customer needs.
For more information on how to secure your remote working environment, contact us today.
"At Barretstown, we rebuild the lives of children, and their families, affected by childhood cancer and other serious illnesses. We serve 5,000 campers a year and have 1200 volunteers each year. Communication is crucially important and Datapac has helped us to streamline, improve and ensure efficiency."
"Datapac has provided us with a fantastic product and world-class levels of service and support. Whenever people ask me about our experience with Datapac I’m always ready to sing their praises and I would happily recommend their services to any organisation."
"For many years Datapac has been our sole supplier for the maintenance of Personal Computers and Peripherals in Ireland. Through their Service Centres in Wexford and Dublin, Datapac provides excellent support to our businesses throughout the country and consistently meets the SLA targets which we have set. The skill, expertise and experience of their engineers and other technical support personnel are of the highest standard."
“The value of dealing with an HP Gold partner in this process can’t be underestimated. Datapac provide us with a local touch and can cover the full range of our IT requirements, but when there is a specific technical requirement like this, they can bring the specialist technical resources of HP to the table. HP and Datapac had a thorough discussion with us around our requirement - and had really done their homework - and then were able to provide us with a very highly specified test platform for us to prove the application on before we committed to purchase.”
Datapac understands our needs and requirements and has the expertise and experience to follow through on all our requests. Our constant need to reduce costs has been assisted by Datapac's ability to suggest alternative solutions and methods whilst improving both efficiency and productivity. Our partnership with Datapac is akin to having an IT department on site that we simply could not provide ourselves.