Remote Working
In Spring this year, all businesses shared a common purpose: to protect staff, customers, and the business. As the reality of the threat of Covid-19 hit, it brought with a clarity of vision and an urgent need to act that lead to the adoption of new ways of working. New tools were deployed for collaboration, communication, and automation; the way companies interacted with staff, customers, and suppliers changed almost overnight.
One of the biggest changes was the staff working from home.
While the working from home trend had grown 44% in 5 previous years, the Bureau of Labor Statistics reported that prior to COVID 19 only 7% of employees had access to the privilege. According to research carried out by Gallup that is now a massive 62%, with 74% of companies expect some employees to continue to work remotely.
Many of the solutions that have gotten us through this challenging time were deployed very rapidly, so now the dust is settling it is time to review what was put in place to make sure that it is fit for purpose for the new world of work.
Access to LAN
To enable working from home you need a solution that will allow your staff to continue to access their applications and data in a way that as closely mirrors their office experience as possible.
The most common way to do this is via a secure Virtual Private Network (VPN). A VPN can be set up to give access to individual applications, the corporate LAN, or using Microsoft Remote Desktop Protocol (RDP) to the users' own desktop computer back in the office. VPNs are a tried and tested technology and as long as employees adhere to security policies, such as not access the VPN over unsecured networks - like in a coffee shop - then the risks are low.
Another method is to use Desktop as a Service. This is a cloud-based solution where users access a virtual desktop session that is running in a data center. It doesn’t matter what device they use to access the session as all the data and applications remain in the data center. This is an increasingly common way that companies are enabling secure remote working.
Security
Zero trust approach - Opening up the corporate network for remote users immediately brings security risks. Taking a holistic Zero Trust approach reduces much of the risk with no one, inside or outside of the network, automatically trusted and verification required to gain access to any resources.
For any device accessing the network, it is essential to ensure that the basic as in place:
• All devices should be encrypted.
• Multi-factor authentication should be deployed
• All devices should be running an up to date anti-virus solution
Devices should never connect to the raw internet, there should always be a layer of security in place.
And as the weakest point in any security system is the people, staff should have training covering:
Awareness of security risks
Extra vigilance about data – covering both storing and sending
Training to spot security risks and how to report them so they can be mitigated quickly
Corporate Devices
The preferred option for many companies has been to provide their employees with laptops to use while working from home. In some cases, employees have even taken home their desktop PCs. For the users that normally have access to laptops, the existing security protocols should be sufficient, if they have been designed for remote working. If the users are normally deskbound then there are additional security risks including the physical risk of a device being lost or stolen.
If a computer is connected to the internet there is always a chance that a cybercriminal will try to gain access. When your employees are using their unsecured home networks this risk is multiplied.
Keep visibility of the device - Install remote security controls so you keep the same level of visibility that you have when the devices are within your offices.
Password policies - All password policies should be enforced, even for browser-based applications.
Minimize the risk of phishing attacks - Use Two-factor authentication where possible.
Don't let anything thing through the back door- Ensure the OS and applications remain patched and updated.
Anti Virus/malware - it should be taken as read that this is in place, but it should be checked that it is running and up to date.
Bring Your Own Device
If you opted for Bring Your Own Device (BYOB) you wouldn’t have been alone, hundreds of thousands of employees are now working from home using their own devices. BYOD isn’t a new idea; companies have been adopting it for over a decade as a way to provide user choice and reduce hardware cost.
Employees’ personal devices are often newer and of a higher spec than those provided by a company. By enabling BYOD users to get to use a device that they have chosen, and the company makes considerable savings by not having to continue to invest in hardware. But this win-win situation doesn’t come without compromises and the biggest one is security.
• Data Leakage - The devices are in the homes of employees; they may not be the only person in the household that has access to it. As soon as you mix business and personal use you put the business at risk. You have no control over this.
• Loss of Control - As soon as any endpoint leaves the confines of the corporate LAN there are risks but with BYOD these are higher. Employees are unlikely to agree to have remote device management and monitoring tools running on their personal devices.
• Unsecured connectivity - Your employees' home networks may not be as secure as you’d like but with the added risk of them using questionable WIFI connections while on the move can you be sure of maintaining any real control of your network?
• Malware - the majority of users with infected devices have no idea that they have malware. They download applications without examining the terms of service and fail to update these applications and the OS, blowing a hole in your security.
• Policy enforcement - You may try to mitigate these risks by creating a formal policy for BYOD, but it will be impossible to enforce this over an extended period.
If you'd like to find out more about how you can get your employees working securely from home, then reach out to our team and we'll be glad to help