The TUC estimates that the number of UK people working from home increased by a fifth in the 10 years to 2016, and now stands at around 1.5 million people.
Advances in technology and demand for changing work patterns has now made working remotely a common practice, allowing employees to access data and work from any location and on any device. Remote working is growing in popularity and businesses need to ensure that their intellectual property, data and employees are secure from hackers and cybersecurity threats while working offsite.
Alongside company owned IT equipment, many businesses encourage employees to use their own devices including laptops and mobile phones. Keeping company owned equipment secure brings its own challenges but it is even harder to keep personal devices secure.
Cybersecurity risks of remote working
If company owned IT equipment is set up properly by your IT team then remote working doesn’t necessarily need to be less secure than being in the office. In saying this, if a company laptop is stolen then it does put your data at risk.
Many employees like to work from public places including coffee shops using publicly available wi-fi. This can be a security risk as it can often be easier for attackers to hack when using public wi-fi (depending on how the public wi-fi has been configured – which will of course be outside of your control).
If remote workers are using their own devices, they may have very little or inappropriate anti-virus software, or no security policies, or unknown third-party users. Their home wi-fi may also be less secure than the office network.
Providing security for remote working
If you have an IT team and your business allows remote working, then this should have been covered in your IT strategy. If you haven’t addressed this yet, then we can help. EPX Technical Services offers a range of security software and business practices which are appropriate for both office-based and offsite employees.
Cybercriminals are hitting businesses harder than ever and their portfolio of ways in which to attack is only widening. Because of this, a one-size-fits-all piece of anti-virus software will no longer come anywhere close to sufficiently protecting a business against the wide range of cyberattacks that it could face at any time. We have carefully selected and compiled the best cybersecurity solutions for businesses and compiled these 25-30 solutions into one, simple package with one, simple subscription fee. We believe this to be the only one of its kind and we call this product, Security Stack
The products and services within the Stack are monitored centrally by our team, constantly reviewed and adapted to match the ever-changing security landscape and automatically applied to our customers’ infrastructures. This ensures that the customer is always kept on the cutting edge of the technology curve and, of course, gives them peace of mind that their cybersecurity is under control and that their business is safe from attack.
Another way to keep secure is to ensure employees are setting secure passwords. (We previously wrote a blog about encouraging and setting secure passwords which can be found here.) This is another way to ensure better security when working remotely. Also enforcing two-factor authentication to control access to the company network is now common practice.
Cybersecurity training is a must if remote workers are to understand what is expected of them. (We also previously wrote about providing cybersecurity training and attack simulation as a couple of ways in which you could encourage employees to spot malicious activity. The article can be found here.) It is even more important to ensure remote workers receive this awareness training as they won’t necessarily be able to ask people around the office. It is important as a business that you ensure your remote workers understand and are following best practice. Create clear remote working policies and procedures that cover the use of all devices including personal devices (if allowed) and memory sticks.
Ensure work data and personal information are separated and preferably on different devices.
Ensure company policy states that employees should not use unsecure wi-fi or Bluetooth to send or open intellectual property and sensitive data. Always ensure remote workers are connected to a Virtual Private Network (VPN) which will encrypt data.
Enable the “find my device” option on any company devices like mobile phones and laptops and consider network monitoring software to raise anomalies in work practices. (Where “find my device” functions are unavailable, EPX has a suite of device tracking / remote erasure and recovery tools at its disposal.)
A business should offer the same support and infrastructure to remote workers, that onsite employees receive and should consider implementing patches and remote updates.
Protecting remote workers, data and intellectual property from attack is a huge part of cybersecurity. With dramatic increases in the number of cyberattacks, including phishing, ransomware and whaling, your business is constantly under attack whether it be onsite or from remote working.
EPX Technical Services offer a variety of cybersecurity solutions, including security training for employees, automated scans and 24/7 monitoring. These solutions are continuously being adapted and updated to follow the latest technologies and best practices. If your business requires help to support remote working, we can deliver this. To find out more call us on 01785 878311 or email us at firstname.lastname@example.org.