Knowing how to maintain security when employees work remotely is fast becoming a concern for many businesses as more and more adapt to remote working.
At OfficeTechHub we have years of experience in IT and data security. This blog will explore how security can be maintained by remote workers. We’ll cover the most common security risks when working remotely as well as tips and recommendations for using cloud-based systems, Microsoft Azure and disaster backup.
We’ve helped hundreds of businesses successfully set up their company networks to ensure they maintain security when employees are working remotely. Whether that’s from personal devices or employer devices, using public wi-fi, or a home network. Here are some of the FAQs around IT security and remote working.
This largely depends on how employees are working from home, how they access their data and how systems are built and configured. To start with – there’s one myth to bust immediately – just having anti-virus/anti-spyware installed is not enough. These are four of the most common security risks…
No surprises here! When you think of “potential security threat” in relation to IT, passwords are often the first potential security risk to come to mind.
We’ve moved on from just having a pin number for our bank card. These days there are passwords and pins for everything… our phones, laptops, tablets, computers and TVs – plus every single application or programme installed on them.
We get it – it’s tempting to keep things simple, to make access easy, to use the same password for everything, to “keep me logged in” and to swerve the multi-factor authentication option. But this leaves you open to a whole host of security risks.
If you don’t have a password, if it’s weak or if it’s easy to guess then you are at risk of being hacked. And without meaning to scare you, (our aim is to educate and support you – so that, actually, you don’t need us very often), once your password has been hacked, there’s a chance it will end up on one of many master lists of previously hacked passwords where it will be used for attempted phishing attacks or to gain access to your data and personal information.
And guess what – it’s not only those with malicious intent and tech-savvy who may pose a security risk. When you give your device to your children for access to YouTube, games or apps then there’s a chance they could unwittingly gain access to your remote desktop or your customer data. Yes, the risk is low, but imagine blaming a breach in network security on Peppa Pig – it’s not going to go down well.
So, whether it’s for working remotely or accessing Netflix – make it a strong password.
Don’t compromise security unnecessarily. If you need help in remembering your important passwords, then consider a password manager program. And opt for two-factor authentication wherever you can.
No, the updates themselves aren’t the risk… It’s not updating them that can put you at risk!
Those notifications that pop up to alert you there’s an update available for your software aren’t just to make whatever programme application you’re using “work better”.
They often include “security patches” which will fix weaknesses that have been identified as potential security threats or are open to malware infection.
This means it’s incredibly important for all programme updates to be installed on any employer-provided devices or personal devices that may be used for remote working. If PCs and devices aren’t patched or kept up-to-date and running on the latest versions, there’s a security risk for potential hacking, malware, spyware or possibly data loss as a result of any of these.
There are few aspects to remote access that we’ll cover here – use of a VPN, wi-fi and who has access to your device.
Using a corporate VPN to remotely access your corporate network and data is generally recognised as the most secure way for employees within a remote workforce to access a corporate network.
Whilst VPNs are a great way to maintain security when employees work remotely there are a couple of potential security threats to bear in mind.
Imagine your VPN as a super-secure tunnel connecting your laptop on your desk which is connected at one end to your home networks or wi-fi and at the other end, your corporate network containing your company data, customer data and everything else incorporated within your IT system.
Nothing can breach this “tunnel” or access the information and data as it travels through the tunnel. However – it’s at each point of entry, at either end of the tunnel, where the risks lie.
Despite VPN being a secure way to transfer information, there’s a potential risk at the entry points connected to each network – whether that be from the home network or the company network. Anything connected to either network, personal device or employer-provided device (desktop pc, laptop, iPad, phone, or tablet) will have access to the VPN, so if there’s an existing issue on either network, then this can travel via the “tunnel” to the other end – subsequently “infecting” the core data.
So, although VPNs are secure as you can’t penetrate the tunnel, you can open up access and instantly allow things straight through which could be a problem.
Wi-fi is another element of technology that has been designed to make life easier and more accessible. Yes, wi-fi is great and what we can do with it is incredible, but it’s also the easiest thing to hack on a network.
Couple this with the common factor that most people working from home tend to have older routers and technology at home that’s unlikely to be as up-to-date or as secure as they would be in an office, and you have another potential data breach.
If you’re working from a desktop or laptop in an office that’s connected to the internet via a cable, then the risk is reduced. So, although it might seem over precautious or take a little bit of extra effort – if you have the option to connect via a cable rather than via wi-fi, it would be a wise decision.
If you’re connecting to public or unsecured wi-fi networks to access a website, whoever controls this has access to the data going through it. Information such as credit card details, personal or sensitive data goes through their network.
In theory, that means someone has access to that and can read the data, they can manipulate it, copy, record it. This is where access via a VPN provider can make the difference as it protects your data and stops any data breaches or potential security threat posed by the wi-fi network.
As we’re talking ‘access’ here, it’s worth a reminder to consider who has access to your devices – as mentioned above, it’s crucial to have strong passwords.
And that really handy “remember me” feature? It makes like easier, but it also makes remote work so much riskier. If your work laptop is left on your desk, used in a co-working space or habitually situated on your kitchen table at home where colleagues or family members can access it then you don’t want them to be able to easily access your remote desktop or company data.
(Note: We’re not suggesting here that your co-workers, kids or partner would intentionally wreak havoc on your customer data but accidents happen which can leave you open to external threats.)
With file-sharing becoming common across multiple industries and a day-to-day activity for many, it’s another area to approach with caution.
Dropbox, Microsoft OneDrive, Google Drive, FileShare, and Box… plus many more – these are all great resources that help us to work more effectively and be more agile.
However, when you’re sharing your files, you need to consider…
The risks depend on how systems are built and configured but file-sharing can potentially leave you open to security threats such as viruses, malware, spyware, worms or Trojans.
Obviously, when you’re filesharing for business purposes the risks are more calculated – if you’re working with a reputable organisation and they look after their IT systems, then all should be well but if you see anything slightly suspect, then approach with caution.
Here are some quick suggestions to help remote workers maintain security when working from home or away from the office:
Here are three ways to maximise and maintain security for remote workers.
Now you know how to maintain security when employees work remotely, it’s time to put it into practice. Our remote solutions work for your business when you need them and include Microsoft Teams and a full Microsoft 365 suite to ensure business continuity remains stable at all times. Your workforce deserves the best tools to do their jobs.
Let’s work together and get your remote teams working productively and securely. Get in touch to see how OfficeTechHub can help your business work smarter.