Remote work is booming this year, with a large portion of the workforce considering or attempting to work remotely for the first time. One of the alarming side effects of this that OXEN has seen is the deliberate weakening of security protocols to make remote work possible or easier for workers. Granting external access into your network and systems means circumventing or drilling a hole through security protections, even if it’s for good reasons.
Here we want to provide some basic tips for safely and securely enabling remote work.
1) Use and enforce strong passwords
This should go without saying now, but it’s more important than ever. Here are some quick tips on everyday password security practices. But in general, remember that longer, complex, and unique passwords are the best. Consider implementing a secure password manager like LastPass to help your employees develop and remember complex passwords.
2) Develop and enforce a remote access security & Network Access Policies.
These policies should define:
- What types of remote access you permit
- How permission is granted to devices
- Levels of access and permission granted to users
Tiered levels of access will help you control who can access what, and on which devices. We have some more advice on best practices concerning BYOD in corporate networks here. Developing security and technology policies is also large undertaking, which a Shared CIO consultant can help you with.
3) Determine if your remote workers need VPN connections
VPNs are a hot topic right now, and you may find it’s the best way for your secure remote connections to your network. A VPN creates a private network from a public network connection. This means traffic and data is encrypted when transferred between a worker’s home office network and your corporate network. Not all users need this, but you should consider it for any workers needing sensitive data transfer.
What’s a VPN? And how do you know if you need one?
4) Require multi-factor authentication (MFA)
You should enable multi-factor authentication for all apps and services that support this security measure. MFA consist of three things that when combined verify someone’s identity. This is often summarized as “something you know, something you have, and something you are”.
MFA makes your current authentication procedures even stronger. And it can help against identity theft, brute force attacks, and phishing. Learn more about MFA, and why it’s important.
5) Secure all work devices against common threats
This means all devices: desktop and laptop computers, smartphones, and tablets. Install anti-virus and anti-malware solutions, or endpoint protection, which is more effective and better for mobile workers.
Make sure software and operating system updates and security patches are quickly and regularly applied. Viruses and ransomware aren’t the only threats – so are theft, loss, and social engineering. You need to be able to remotely manage these devices.
Looking for solutions to help you maintain and secure your devices? OXEN’s Essentials managed services bundle includes remote monitoring and maintenance, as well as endpoint security. You can learn more about the cybersecurity benefits of managed IT services here.
And That’s Not All…
Looking for more? October is National Cybersecurity Awareness Month, and there are many resources available for securing a remote workforce. You can find more resources at places like the Cyber Readiness Institute, the National Cybersecurity Alliance, and the Cybersecurity & Infrastructure Security Agency.