Posts

A record number of businesses said goodbye to the traditional in-office work model in 2020. They embraced the remote work model as they adapted to the new COVID-19 reality. This switch to remote work was a huge shift that came with many challenges, and some of those challenges are still felt today.

One of those challenges was – and is – cyber security. Businesses wanted to get their remote workforce up and running, but there were a lot of questions about how they would keep their newly remote employees secure.

So, how can you enable remote work while keeping your business and your employees secure? How do you keep cybercriminals out? The answer is multifaceted. There is no one-size-fits-all approach to cyber security — that would make things much easier! But there are several steps you can take to help your remote team stay productive while keeping the cybercriminals out. Here are three things you need to do:

  1. Skip the public WiFi. This is Cyber Security 101. Never use unsecured, public WiFi, especially when working. For remote employees who have the option to work from anywhere, using public WiFi is tempting. It’s easy to access, but it comes with huge risks, including the potential to expose your device to intruders.Thankfully, there are plenty of options to help keep employees connected without having to worry about snoops. The most popular is the VPN, or virtual private network. VPNs allow remote workers to securely access the Internet, even through public WiFi. VPNs are ideal for remote workers who need to routinely access your network.Another option is the personal hotspot. This is a portable WiFi access point, usually paired with data service through a telecom like Verizon, AT&T or T-Mobile. these devices give remote workers flexibility to work anywhere they can get high-speed data service. Because the remote worker is the only person on the hotspot (and should be the only person), there is less worry about hackers snooping for your data.
  2. Have a strong device policy. When it comes to cost-cutting, it can be appealing to let employees use their own devices while working remotely. Avoid this, if possible. The bring-your-own-device (BYOD) approach has its benefits, including keeping costs down. We need to keep in mind the security costs could be massive, especially if an employee gets hacked or misplaces crucial data. In short, BYOD can get complicated fast, especially for businesses unfamiliar with the BYOD approach.That said, many businesses work with an IT services company to create a list of approved devices (laptops, tablets, smartphones) that employees can use. Then those devices are loaded up with malware protection, a VPN, and other security solutions. So, while employees may be using a variety of devices, they all have the same security and other necessary software in order to perform their duties.The best device policy, however, is to provide employees with work devices. This ensures that everyone is using the same hardware and software, and this makes it much easier to keep everyone up-to-date and secure. It takes a little more effort logistically, and it has a higher up-front cost, but when it comes to keeping your business secure, it’s worth it.
  3. Don’t forget about physical security. While businesses are focusing on digital security right now, they’re not putting a similar focus on physical security. They may have a team of people working remotely spread across different neighborhoods, towns, states or countries. This mobility comes with the risk of device theft or loss.
    If employees will be carrying their work devices with them, those devices should be kept nearby at all times. That means never leaving work devices in vehicles or unattended at a café or airport (or any location). Never leave a device where it has the potential to be taken.It’s important to remind employees to not only keep their doors locked, but also keep work devices out of sight. You wouldn’t want to set up a home office in a room facing the street outside while leaving the windows open and the door unlocked. Just as cybercriminals are looking for ways to break into your network, criminals are looking for opportunities to take high-value items.

The way we work is changing, so we must be prepared for whatever happens next. Implementing these three steps will give you a starting point, but they aren’t the end point. Work with an experienced MSP to get the most out of your remote work approach. Businesses may not return to an in-office model, so the more steps we take to secure our businesses and our remote teams, the better off we’ll all be.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Lax bring your own device (BYOD) policies are a growing concern for businesses. If not managed properly, these can pose security risks to your organization. How can you mitigate the risks associated with the BYOD trend?

Whether your employees are using smartphones, tablets, or laptops, you need a BYOD security policy. Additionally, you need to be aware of the key BYOD security risks:

  • Loss or theft of device – Employees often bring their personal devices wherever they go. This means there’s a higher chance of devices being lost or stolen, and a greater risk of the company data that’s stored or accessed on these being compromised.
  • Data loss – In the event that a device is lost, stolen, or damaged, any locally stored data may be lost permanently if it’s not backed up in real time.
  • Man-in-the-middle (MITM) attacks – Public Wi-Fi spots are convenient for getting some work done, but they’re also popular hunting grounds for cybercriminals who use MITM to intercept data being transmitted over public networks.
  • Jailbroken devices – Jailbreaking is the process of removing the restrictions imposed by the manufacturer of a device, typically to allow the installation of unauthorized or third-party software. This increases the risk of an employee inadvertently installing malicious software on a personal device.
  • Security vulnerabilities – Every operating system (and the software that runs on it) has its own unique set of security flaws and vulnerabilities, which means that allowing staff to use any device and operating system increases the risk of a data breach or malware infection.
  • Malware – A personal device that has been infected with malware can spread that malware to other devices connected to the company network and cause data loss and downtime.

To mitigate risks, it’s important to devise a BYOD security policy that works for the needs of your business as well as the needs of your employees. Here are some tips:

Make passwords compulsory on all BYOD devices

Prevent unauthorized access to company data by enforcing the use of passwords on all BYOD devices. Passwords should be long and unique.

Create a blacklist of prohibited applications

Blacklisting involves prohibiting the installation of certain applications on BYOD devices that are used for work purposes. This includes applications such as file sharing and social networking apps. The simplest way to blacklist applications is through a mobile device management platform that enables IT administrators to secure and enforce policies on enrolled devices.

Restrict data access

Adopt the principle of least privilege on both BYOD and company devices. This means that a user is able to access only the data and software required to do their job. This can reduce the effects of certain types of malware and limit the fallout in the event of a data breach.

Invest in reliable security solutions for devices

Protect BYOD devices with reputable antivirus software to identify and stop threats before they can make changes to the device. This is vital for protecting mission-critical data and avoiding downtime.

Backing up device data

A well-thought-out BYOD policy can go a long way toward minimizing the risk of a security breach, but if something manages to slip past your defenses, you need a process in place for restoring your data to its former state. Have a comprehensive backup strategy to ensure that any data stored locally on a BYOD device can be quickly recovered.

Educate your staff about security

The vast majority of BYOD-related security risks involve human error. Educate your employees about proper mobile safety. This includes how to spot apps that could contain malware, sharing security threat updates, and teaching them how to secure their devices by going beyond default security settings.

It’s also a great idea to work with an IT partner like us. As experts, we keep tabs on the latest trends and innovations related to BYOD and will recommend solutions that work for your company. Contact us today to see how we can help.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE