8 steps for improving security while your teams are working remotely
Working from home presents new cyber security challenges that must be managed. At a time when more people than ever will be working from home, many of whom are not used to it, cybercriminals are taking advantage.
Cyber security and user awareness training has become an essential part of keeping businesses protected from today’s sophisticated phishing and malware attacks, and this must be continued during this period of home-working. An organisation’s best cyber defence strategy can be unravelled by mistakes made by stressed or careless users.
There are extra steps that can be taken to alleviate some of this risk. Here are the measures we’d recommend implementing to improve security while your teams are working remotely.
- New accounts and accesses
If staff need to be set up with new accounts to allow them to work from home, ensure these are secured with strong passwords and implement multi-factor authentication (MFA). Users often don’t bother to change default passwords, or they use easy-to-guess names or dates because they’re simpler to remember. This creates vulnerabilities for the entire network.
- Reminders about password security
While waiting for new accounts to be set up, users may attempt to login to a colleague’s account. This is often done for well-meaning reasons (they’re just trying to get on with work), but it can cause a breach. In addition, it can make tracking a security event far more difficult. Train staff to maintain confidentiality for all their private accounts, even within the organisation.
- Training for new or different software
Remote workers might be using new software, or using existing software differently to the way they would in the office environment. For example, if you’re implemented Microsoft Teams to enable everyone to collaborate on projects. Make sure you give staff training on how to use these new tools and provide quick guides to ensure already stretched service-desk teams aren’t overwhelmed with questions. You can use our guide to Microsoft Teams here.
- Be clear about where staff can go for help
Remember that some people may find working from home and the surrounding circumstances stressful, so they are not in an ideal situation to learn new technologies quickly. In addition, they might not be able to ask a colleague for help as they normally would in an office. Making it clear who these staff should go to for reporting problems will make things much easier.
- Be strict about security controls
Be it a firewall, antivirus solution or pop-up blocker, turning off any security tool poses a serious and immediate risk. Yet users sometimes do this because they view the tools as an inconvenience, especially if they can a delay to productivity. Lock these controls so only administrators can make changes, and be strict on the necessity of security controls.
- Reminders about email security
It’s worth sending a quick reminder to all staff about the threats posed by opening suspicious emails. Even when users suspect an email is bad, many will still click an attachment or a URL, which can give cybercriminals access to the network.
- Device safety
Just because the majority of us are staying at home, doesn’t mean everyone is. Burglaries are still occurring so it’s sensible to keep devices such as laptops hidden away overnight when they’re not being used. During the work day, encourage staff to lock screens if they are being left unattended, especially if there are children or housemates present. Encourage users in a positive, blame-free manner to report losses as soon as possible. The early reporting of such losses may help minimise risk to the data, as it can be wiped remotely.
- Issue guidelines for file sharing
If staff are working on sensitive documents and need to collaborate on content with the rest of their team, make sure they have suitable software to enable this. Microsoft Teams is ideal for the job as colleagues can work together on a document without it leaving the secure platform. In addition, user access levels can be amended in Microsoft 365 to limit who can see or share certain data.
For more information on understanding cyber risks and improving security while working remotely, contact us for advice. If you’d like to know more about how Microsoft Teams can improve connectivity and security for home working, take a look at our Microsoft Teams page.