Now that everyone in your office is working from home, here are 10 tips to help your users and company to stay secure while protecting everyone’s physical health.
1. Enable collaboration with technology
Just because users aren’t sitting next to each other or down the hall, doesn’t mean collaboration has to end. Enable online collaboration with unified communication and chat tools designed to enable teams to work together.
2. Ensure devices and systems are fully protected
Ensure all devices, operating systems and software applications are up to date with the latest patches and versions. Very frequently, malware breaches an organization’s defenses via a rogue unpatched or unprotected device. Users’ home computers greatly magnify this threat.
3. Scan and secure email and establish healthy practices
Home working will likely lead to a big increase in email as people can no longer speak to colleagues in person. Criminals are wise to this and are already using the coronavirus in phishing emails as a way to entice users to click on malicious links. Ensure your email protection is up-to-date and raise awareness of phishing.
4. Enable web filtering
Applying web filtering rules on devices will ensure that users can only access content appropriate for ‘work’ while protecting them from malicious websites.
5. Enable cloud storage and multi-factor authentication
Cloud storage enables people to still access their data if their device fails while working remotely. Don’t leave files and data in the cloud unprotected and accessible by anyone. At the very least, employees must successfully authenticate. Multi-factor authentication takes that a step further.
6. Manage use of removable storage and other peripherals
Working from home may increase the chance of people connecting insecure devices to their work or home computer – to copy data from a USB stick, or to charge another device. Considering that 14% of cyber-threats get in via USBs/external devices, it’s a good idea to enable device control within your endpoint protection to manage this risk.
7. Make sure you know about “Shadow IT” solutions
With large numbers of people working from home, Shadow IT – where non-IT staff find their own ways of solving issues – will likely increase. Bedrock partner, Sophos recently discovered "public" Trello boards containing names, emails, dates of birth, ID numbers, and bank account information. Ensure users report use of such tools.
8. Encrypt devices wherever possible
When people are out of the office there is often a greater risk of lost or stolen devices. Most devices include native encryption tools such as BitLocker – be sure to use them.
9. Control mobile devices & endpoints
Mobile devices are susceptible to loss and theft. You need to be able to lock or wipe them should this happen. Implement application installation restrictions and a Unified Endpoint Management solution to manage and protect mobile devices.
10. Make sure people have a way to report security issues
With home working people can’t walk over to the IT team if they have an issue. Give people a quick and easy way to report security issues, such as an easy-to-remember email address.
If you are unsure how to implement any of these tips, Bedrock can help! Contact us today to find out how!