Essential security practices for teams working from home

by Josh Biggs in Tech on 30th March 2021

In 2021, remote work is the new normal. As more and more companies announce their plans of switching to work from home indefinitely, and researchers back up their decision by saying that remote workers are more productive, it wouldn’t be too far-fetched to say that the office as we know it might soon become obsolete. According to a recent study, only 3% of employees want to get back to the office after the pandemic ends, and two-thirds of entrepreneurs believe that remote work will soon become the standard. Although there was a lot of skepticism at first, the past year has proved that there are more benefits than drawbacks to remote work and that employees can be just as productive at home. In the era of digital transformation and collaborative tools, you can ensure business continuity, and efficiency shouldn’t be affected during the switch.

However, sending teams to work from home requires some caution, especially when it comes to cybersecurity. According to a Deloitte report, the pandemic has been an opportunity for cybercriminals, who take advantage of security vulnerabilities to exploit sensitive corporate data. The report also revealed that nearly half of Internet users fall for a phishing scam while working from home and that, between February and May 2020, there were over half a million cyberattacks on video conferencing services. These numbers definitely sound a bit scary, so what can you do to have remote work more secure both for employees and your business data?

Well, one thing is for sure: you simply can’t afford to send your team home, let them work from their personal laptop, and hope for the best. If they are the victim of a cyberattack, it’s not just their personal data that will be compromised but also your business data. Recovering from such an attack is difficult, if not impossible, so the best thing to do is take precautions and make sure your employee’s devices are just as secure at home as they are at the office.

Ideally, that would mean giving them a work laptop and asking them to use only that one for work tasks. However, that’s not always feasible and, even if you do give them laptops, people can have trouble separating home and work devices. In this case, to reduce risk, you should train them to follow the best cybersecurity practices and invest in a few tools that will make them less vulnerable:

Install a VPN and a good antivirus

Even if your employees use their personal computer, chances are they already have some sort of antivirus tool installed – however, that may not be enough to provide complete protection against the latest threats, especially if it’s a free version. To stay safe, invest in a good antivirus for business, which can protect your team’s devices from threats such as trojans, ransomware, and spyware.

For even more protection, you should also install a VPN, which adds an extra layer of encryption and prevents other websites from monitoring their activity. Remember that many professionals choose to work from public places such as cafes, which do not have secure connections, and the risk of business data getting into the wrong hands is even higher. Make sure you choose a VPN with a kill switch – this way, if the VPN suddenly disconnects, the kill switch will automatically disable the Internet connection so that no personal data can be accessed during the disruption.

Enable remote wipe

Hopefully, it won’t come to that, but if an employee’s laptop is stolen or lost (which is more likely when they work from home than when they work from the office), you should have a contingency plan in place. More specifically, remote wipe. By enabling this option, you can remotely wipe any sensitive information from the device as soon as possible so that other people can longer access it, not even through recovery tools. If you use Windows or macOS, remote wipe is built into the default settings, but if you use Linux, you’ll need to install a third-party tool.

Check the security ratings of the software you use

Sometimes, the threat doesn’t come from the websites your employees access or their lack of cybersecurity literacy but from the vulnerabilities in the software the company uses. So, now is a good time to go over your providers’ security ratings and, if you find any weak links in their cybersecurity performance, it’s better for your organization to choose someone else. The transition may be a bit of a headache, but the effort is worth it if you want to avoid a massive data breach and lose public trust.

Invest in cybersecurity training

Cybercriminals can use sophisticated tactics to exploit software flaws, outsmart users, and get their hands of valuable data that they can later sell. However, most attacks still occur because people forget to follow the most basic security practices. Many times, hacking is a matter of social engineering, not brute force, which is why you should make sure that every team member who works from home takes these basic security measures:

  • Password management – in this day and age, people still use simple, easy to guess passwords on personal and business accounts. Instruct your staff on how to create unique, secure passwords and store them safely in a password management tool instead of writing them down on post-its or in the Notes app on their phone.
  • Make sure they turn on two-factor authentication so that even if someone gets their hand on their password, they can’t log in because there’s an extra layer of security.
  • Teach your employees to recognize spam and phishing attempts. That includes suspicious links in unsolicited emails, fake websites, and unsafe browser plugins.
  • Instruct them on how to secure their home router. Most people don’t take the time to change the default password on their router, and that makes it really easy for hackers to gain access to their data.

By taking all these measures, you can boost your organization’s cybersecurity rating and reduce the chances of falling victim to a data breach.

Categories: Tech