11 Steps to Protecting Your Company Data in Times of Remote Work
By now, we have all settled into the new routines. (No matter how disruptive they seemed or how unprepared we were.) Your team and colleagues have shown incredible resiliency, hitting their targets while working from home, taking care of their families, and staying sane. You have achieved more under current chaotic circumstances that you ever thought possible. Your business is holding its head above water, and this alone is enough to be proud of.
The last thing you need right now is a data security breach. Unfortunately, as millions of people transitioned to remote work, hackers took notice. In the past month alone, cyberattacks skyrocketed from a few hundred each day to more than 5,000 on March 28 alone. Businesses without security measures in place are easy targets, risking their employees’ and customers’ financial and personal data, as well as business know-how and intellectual property.
While the race with cybercriminals never ends, these X security measures will drastically improve your chances of coming out on the other end of this crisis unharmed — at least when it comes to data security.
We talked to a team of IT solution specialists at 3nom IT, a New York and Miami based full service management company, for their advice.
Use company laptops
If at all possible, your now remote employees should exclusively use their company laptop when working from home. Separating their personal internet activity from their work will significantly reduce the risk of phishing and malware being placed on work laptops. 3noms CTO, Avrohom Liberman, said he provides all of his employees with a company laptop to ensure their company data is secure and to give his employees the tools to suceed.
Ensure the security of Internet connections
The most common way to expose your company to a data security breach is by using an unsecured Internet connection. The good news is that with the pandemic still upon us, your team is not likely to work out of coffee shops whose sparse Wi-Fi is notoriously prone to hacking. Still, it is worth reminding them that an encrypted home network is the most secure option for today. Network encryption can usually be turned on from the router settings in just a few steps, which makes it a great team-building exercise for the next “all hands on deck” meeting.
Set up a Virtual Private Network (VPN)
VPN is another way to mask internet activity from the prying eyes of cybercriminals. When installed on a machine, it acts are a dedicated gateway for company-related online activity by encrypting it and monitoring for any suspicious deviations.
Another benefit of a VPN is that it makes it possible for your tech support specialists to safely access any computer remotely — with the user’s permission, of course — and fix any issues or help with new software set up.
Avoid COVID-19-related searches
While not a part of the remote work technology stack, this recommendation is based on two factors: the all-consuming uncertainty and anxiety we all experience around the virus, and the surging number of fake websites appealing to our thirst for information to steal our passwords and other personal data. Over 50,000 COVID-19 websites have been created since January 2020, with 10,000–15,000 new domains added weekly. To stay safe physically and digitally, it would be wise to stick to authoritative sources of information such as the CDC.
Switch to strong passwords
It doesn’t take long for bots to break a password that contains personally identifiable data such as birthdays, names of friends and relatives, or past addresses. The best passwords use a combination of symbols, numbers, and letters of both cases, and are over eight symbols long. They also may be a huge pain to remember and keep straight, especially since it is strongly recommended to not use the same password for multiple accounts, no matter how complicated that password is. Password vault to the rescue! Services like 1Password and LastPass allow you to remember only 1 master password and secure the rest with multiple levels of encryption, allowing you to simply copy and paste your secure password into the login field.
A word of caution: if you use any of the popular browsers, it will encourage you to store your passwords, including the master password from the vault, there. Avoid it all costs. Even though it is convenient, those browser password storages are easily hacked.
Install two-factor authentication
Two-factor authentication adds another layer of protection to your company’s internal accounts and data. It requires something you know (a password) and something you have (usually, a smartphone) to verify your identity with a push or a single-use code and let you in. Apps like Google Authenticator and Duo are available for both iOS and Android and are free.
Move important and shared documents to cloud storage
Your remote team will be accessing a variety of documents simultaneously, from different places. The easiest way to stay on the same page with changes and to ensure the safety of information should anything crash on one of the dozens of remote machines, is to store everything in the cloud. Cloud storage provides a single source of truth for the documents’ inevitably spills Caprisun on dad’s laptop.
Set up and test backups
Along with moving the day to day operations into the cloud, make sure to set up or update a regular full system backup. It may not be a bad idea to increase the frequency as the risks increase. Once you do, run a comprehensive recovery test and establish the recovery protocols. This way, if a crisis strikes, you will know what you will get back and how quickly.
Leverage virtual office
An all-in-one solution encompassing secure remote access to employees, backups, managed firewall and router, spam filters, cloud computing, and day-to-day IT support is a virtual office. This turn-key approach to remote work allows for complete control at a fraction of the price of setting up a system from scratch and puts a team of IT experts at a call’s reach 24/7/365 to keep your business ticking.
Install all latest updates
As Zoombombing started trending, the virtual conferencing company released a series of important updates to the software to prevent unsanctioned access to video calls. Most of the other software companies have done the same. However, these crucial updates require a user’s action: she needs to agree to them, and then allocate the time for the software to update. We are all guilty of exiting out of the update popups on programs and applications or waiting until the very last moment to allow them. Now is not a good time; a timely software update can make or break data security efforts.
Secure your mobile device
Conscious smartphone use is as essential to the company data security as the way we use our laptops and desktops. Many mobile app versions of the popular remote work tools are inherently less secure than their desktop or web counterparts. On top of that, a surprising number of people keep their Bluetooth on at all times, subjecting their smartphones to external threats. So, encourage your employees to turn off unneeded sensors, enable two-factor authentication, and validate any website or app they visit or install.
Ultimately, securing your company data in times of remote work comes down to smart personal practices, a layer of technology protection, and transparent communication on the importance of these changes. To get everyone on the same page, invite your teams to attend one of the many online free webinar programs like 3nom’s Free Security Awareness Training.
Credit: 3nom IT | 3nom.com
For more information contact email@example.com
Interview Subject: Avrohom Liberman, CTO of 3nom