Many working remotely for the first time are experimenting with more efficient ways to stay in touch with their colleagues, either through different chat applications or platforms that enable online calls.
Getting to grips with new tech and adapting to a different way of work, along with the added distractions and stresses, could mean employees pay less attention to the threat of cyberattack than they normally would.
With the security perimeter increasingly porous, and companies’ ability to enforce security policies lessened, it’s more important than ever that business leaders and security officers plan to deal with cyber threats, and quickly.
The reality is that many medium and large companies will already have provisions in place for secure home working.
However, many small companies sending their employees home to work for the first time are potentially more exposed.
The good news is there are several basic and quick-to-implement ways they can help their remote workforce remain safe and secure during this time of unprecedented change.
Here are four best practice procedures for your business to follow:
- Implementing multi-factor authentication (MFA) requires users to provide multiple credentials to log on and gain access, making it much harder for unauthorised users to break in.
- Identify official chat tools with built-in security features so that employees are provided with a safe and convenient alternative. Without the right security measures in place, cybercriminals can take advantage of chat tools and deceive users into downloading malicious links.
- Secure access to cloud apps which involves an authentication process with sign-ins and security defaults helps your company enforce its organisational policies around access to information. Organisations must also consider cloud and email security as well as threat protection for their workforce to better secure their digital assets.
- Instil greater awareness among employees, for example, urgent mails that make use of emotive language and call for a departure from company policy, and guide them as to where they can report suspicious activity.
Now is also a good time to remind them of the need for strong passwords and suggest they change weak ones, especially on personal devices they now plan to use for work.
Employees also need a basic understanding of conditional access policies and what their devices need to connect to the corporate network, like up-to-date anti-malware protection.
This way employees understand if their access is blocked and what they need for it to be reinstated.
It’s also a good idea to provide your staff with clear communication around connecting securely to the Internet.
For example, help employees understand why downloading and using consumer or free VPNs is a bad idea.
These connections can extract sensitive information from your network without employees realising.
Instead, offer guidance on how to leverage your VPN and how it’s routed through a secure VPN connection.
With so many businesses across the region implementing work from home policies, there’s little doubt cybercriminals will be looking to take advantage of remote workers in any way they can.
However, implementing best practice security tools and procedures will help you go a long way to guarding against these threats.
The author is regional manager of the Microsoft Middle East Cluster