Working from home surged in popularity during the COVID-19 pandemic and may be here to stay. Your employees need to work as securely from their homes, virtually, as they would from your brick-and-mortar location. The following tips for remote-office security are also beneficial when your employees are in your workplace.
How and when do employees connect to your corporate network? While no solution will eliminate every risk, taking multiple security steps will make gaining access to your network and information more difficult for those who shouldn't have it. Possible steps include:
Have employees use business-issued devices when possible. This typically is more secure than allowing them to use personal devices. You can secure the devices at the start and then regularly update the security features and control the applications placed on them to keep them protected.
Implement strong "bring your own devices" (BYOD) policies. If requiring all employees to use only work-issued devices isn't practical, take steps to secure employees' own devices. Require employees to register with the company and secure any devices they'll use to access the corporate network.
Choose the best system for employees to connect with the company's network. One way is through a virtual private network (VPN), which encrypts data as it's sent and then decrypts it when it's received. This makes it more difficult for unauthorized individuals to access the data.
Implement dual-factor authentication. As its name suggests, this requires employees to demonstrate their identity in two ways. So, in addition to entering a username and password, an employee may have to enter a code sent to his or her cell phone or computer. This reduces the risk that someone can impersonate an employee to access the network.
Use role-based access control (RBAC) and the principle of least privilege. These limit access to applications and confidential information so that only employees who truly require particular information are able to gain access to it. Under RBAC, employees in the accounting department typically require different applications than those in the human resources department. The same principle can be applied within one department — for example, in the accounting department, junior employees would have less access to specific accounting applications and information than the controller would.
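As an added illustration (not part of the original article), the Python example below applies role-based access with deny-by-default checks and then reviews the permissions users actually hold against what their roles allow. The role names, permission strings and user records are constructed for the example.

```python
# Constructed policy: the permissions each role needs, following the
# accounting / human resources example in the text.
ROLE_POLICY = {
    "accounting_junior": {"ledger:read", "invoices:read", "invoices:create"},
    "controller": {"ledger:read", "ledger:post", "invoices:read",
                   "invoices:create", "invoices:approve", "payroll:read"},
    "hr_generalist": {"employee_records:read", "employee_records:update",
                      "payroll:read"},
}

# Constructed role assignments (user -> role).
ASSIGNMENTS = {
    "avery": "accounting_junior",
    "blake": "accounting_junior",
    "casey": "controller",
    "devon": "hr_generalist",
    "ellis": "contractor",  # role that is not defined in the policy
}

# Constructed export of what the applications have actually granted.
ACTUAL_GRANTS = {
    "avery": {"ledger:read", "invoices:read"},
    "blake": {"ledger:read", "invoices:read", "invoices:approve"},
    "casey": {"ledger:read", "ledger:post", "invoices:approve"},
    "devon": {"employee_records:read", "ledger:read"},
    "ellis": {"ledger:read"},
}


def is_allowed(user, permission, assignments=ASSIGNMENTS, policy=ROLE_POLICY):
    """Deny by default: unknown users, undefined roles and unlisted
    permissions are all refused."""
    role = assignments.get(user)
    return permission in policy.get(role, set())


def excess_grants(grants=ACTUAL_GRANTS, assignments=ASSIGNMENTS,
                  policy=ROLE_POLICY):
    """Return {user: [permissions held beyond the role's policy]} so the
    extra access can be reviewed and removed (least privilege)."""
    findings = {}
    for user, held in grants.items():
        allowed = policy.get(assignments.get(user), set())
        extra = held - allowed
        if extra:
            findings[user] = sorted(extra)
    return findings
```
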
You also may want to consider technology-based security strategies. For instance, your business may benefit from deploying an anti-malware solution, which uses specific computer programs to detect the presence of malware (short for malicious software) or viruses (a type of malware that self-replicates and inserts itself into other programs). The solution then removes the malicious software.
Another possibility is to use a mobile device management (MDM) solution, with features, such as device tracking, that enable IT administrators to control and secure your organization's mobile devices. To respect employees' privacy, some of these allow users to separate their work and personal profiles. In addition, if a device is lost or stolen, many MDM solutions allow you to erase the data on it.
In general, it's a good idea to practice "cyber hygiene." On an ongoing basis, train employees in security best practices:
Finally, despite your best efforts, a breach may occur. Make sure you establish procedures in advance for handling a breach. This should include steps for investigating, containing and recovering from the breach, and for communicating with any affected parties.
While no single action can guarantee total security, the more layers your security defense has, the more likely it is that a breach that penetrates one defense can be stopped by the next. Get professional advice to help you determine which practices and solutions fit your business.