A record number of businesses said goodbye to the traditional in-office work model in 2020. They embraced the remote work model as they adapted to the new COVID-19 reality. It was a huge shift that came with many challenges, and some of those challenges are still felt today.
One of those challenges was – and is – cybersecurity. Businesses wanted to get their remote workforce up and running, but there were many questions about how they would keep their new remote employees secure.
So, how can you enable remote work while keeping your business and your employees secure? How do you keep cybercriminals out? The answer is multifaceted. There is no one-size-fits-all approach to cybersecurity — that would make things much easier! But there are several steps you can take to help your remote team stay productive while keeping the cybercriminals out. Here are three things you need to do:
1. Skip the public WiFi. This is Cyber Security 101. Never use unsecured, public WiFi, especially when working. For remote employees who have the option to work from anywhere, using public WiFi is tempting. It’s just so easy to access, but it comes with huge risks, including the potential to expose your device to intruders. Thankfully, there are plenty of options to help keep employees connected without having to worry about snoops. The most popular is the VPN or virtual private network. VPNs allow remote workers to access the Internet, even though public WiFi securely. VPNs are ideal for remote workers who need to access your network routinely.
Another option is the personal hotspot. This is a portable WiFi access point, usually paired with data service through a telecom like Verizon, AT&T, or T-Mobile. It gives remote workers flexibility to work anywhere they can get high-speed data service. Because the remote worker is the only person on the hotspot (and should be the only person), there is less worry about hackers snooping for your data.
2. Have a strong device policy. When it comes to cost-cutting, it can be appealing to let employees use their own devices while working remotely. Avoid this, if possible. The bring-your-own-device (BYOD) approach has its benefits, including keeping costs down. Still, the security costs could be massive, especially if an employee gets hacked or misplaces crucial data. In short, BYOD can get complicated fast, especially for businesses unfamiliar with the BYOD approach. That said, many businesses work with an IT services company or managed services provider to create a list of approved devices (PCs, laptops, tablets, smartphones, etc.) that employees can use. Then those devices are loaded up with malware protection, a VPN, and other security solutions. So, while employees may be using various devices, they all have the same security and other necessary software to perform their duties.
The best device policy, however, is to provide employees with work devices. This ensures that everyone uses the same hardware and software, which makes it much easier to keep everyone up-to-date and secure. It takes a little more effort logistically, and it has a higher up-front cost, but when it comes to keeping your business secure, it’s worth it.
3. Don’t forget about physical security. While many businesses are focusing on digital security right now, they’re not putting a similar focus on physical security. They may have a team of people working remotely spread across different neighborhoods, towns, states, or countries. This mobility comes with the risk of device theft or loss.
If employees are carrying their work devices with them for any reason, employees should keep those devices nearby at all times. That means never leaving work devices in vehicles or unattended at a café or airport (or any location). Never leave a device where it has the potential
to be taken. It’s also important to remind employees to keep their doors locked and keep work devices out of sight. You wouldn’t want to set up a home office in a room facing the street outside while leaving the windows open and the door unlocked because you never know who may walk or drive by. Just as cybercriminals are always looking for ways to break into your network, criminals are looking for opportunities to walk away with high-value items.
The way we work is changing, so we must be prepared for whatever happens next. Implementing these three steps will give you a starting point, but they aren’t the endpoint. Work with an experienced MSP to get the most out of your remote work approach. Many businesses will not be returning to the traditional in-office model, so the more steps we take to secure our businesses and our remote teams, the better off we’ll all be.