Due to COVID-19 pandemic, millions of people are working remotely more than ever before. Also, businesses across the world have realised that this NEW NORMAL doesn’t impact on productivity that they initially feared about. Hence, with proven benefits of remote working, more and more businesses today are thinking ‘remote working’ as a permanent or as an alternative option to build geographically distributed teams.
Of course to embrace remote working, readily available remote working tools and technologies played an instrumental role in enabling this shift smoothly. However this also poses some security level challenges for businesses by giving hackers a wider surface to take advantage of.
Unfortunately, not every company has a well-defined WFH policy in place. While many those who have a WFH policy fail to take into account some of the unique security challenges that can affect on safety and security of company’s data.
What is a Remote Workforce?
Remote workforce is a group of those employees of any organisation who are allowed to work and perform all their essential job responsibilities from anywhere outside the office. By working remotely, it offers greater flexibility to employees in terms of working hours and schedule, but demands effective communication and accountability to remain productive.
What are the security considerations for remote working?
Below is the list of important remote working security tips that businesses can adopt to safeguard remote workforce and allow them to function smoothly.
- Make use of recommended applications (prefer ones that offer end-to-end encryption), official ids, antivirus and VPN software. Procure required licenses for all employees working remotely and give them a handy guide on how to use it, things to check periodically, how to keep it updated and how to notify if something goes wrong or looks fishy. All end-to-end communication should be done using official ids only.
- Ensure that your employees’ home router is secured. Use a strong password, Install firmware updates & Enable Logs, Check if encryption is set to WPA2/WPA3, Turn off WPS, Disable unused services like SMB, uPnP, Telnet etc.
- Reduce the usage of passwords. Go passwordless wherever possible. Replace with Single Sign On (SSO) and Two Factor Authentication (2FA) to mitigate with many security and productivity related issues.
- Implement or review your Bring Your Own Device (BYOD) policy that allows employees to use their own devices to access your enterprise apps and data. Ensure password-locking is setup on their devices.
- Make use of any hosted desktop solution that allows your employees to access all your enterprise apps and data from anywhere at any time over a web browser using an internet-enabled device.
- Review firewall policies as remote workforce will mostly be using their personal computers/gadgets (unless it is provided by the company) and working from different locations.
- Check if employees working remotely have sufficient bandwidth to access VPN, Video Conferencing tools, uploading / downloading documents etc
- Run IT security training and awareness programs at regular intervals to educate your employees about WFH / online scams and security threats. Provide tips on how to spot phishing sites, email, voicemails and SMSs and how to safeguard against them.
Backup your enterprise data at regular intervals. Hardware backups are a good option but for an easy, convenient and cost-effective way to backup data is to use cloud backup services or say Backup as a Service (BaaS).
What are some common remote access methods?
Remote access refers to allowing employees to work from home or from anywhere but can still gain access to a remote computer or network such as an office network.
The most common remote access methods that businesses use to provide access of its network to its remote workforce are:
- Virtual Private Network (VPN) [ExpressVPN, NordVPN, CyberGhost etc]
- Desktop Sharing Tools [TeamViewer, Chrome Remote Desktop, Microsoft Remote Desktop, LogMeIn etc]
- Privileged Access Management (PAM) [Microsoft Azure Active Directory, JumpCloud, PingIdentity, AWS Secrets Manager]
- Vendor Privileged Access Management (VPAM)
Best tips for managing your remote workforce
Follow below 8 tips to help manage and effectively work with remote workers
- Equip your employees with the right tools and technologies that they need to function effectively while working remotely.
- Be available, be a good listener and focus more on outcomes over processes
- Virtual communications may not be comfortable or effective for everyone. So be patient, build trust and deal respectfully.
- Dialogue frequently with your employees both in formal and informal ways so that they don’t feel left out and isolated.
- Share your expectations well in advance and provide flexibility in the working schedule as long as work is getting delivered in the right and acceptable manner.
- Learn about their aspirations & career goals. Ask for their feedback and suggestions on how they can contribute to growing the company’s success. Treat them as key stakeholders.
- Celebrate your remote employees birthdays, their achievements, company events etc remotely
- Build team bonding by arranging get together face to face once in a year