To view the recording of our Tuesday Tech Talk, click HERE.
A large majority of workers around the country have been remote since March of 2020 when the COVID-19 global pandemic hit. Due to the quick nature of moving business operations out of corporate offices and into the homes of employees, many businesses did not have remote work processes in place. Companies and individuals struggled with the short supply of laptops, desktops, headsets, routers, webcams, and other hardware which resulted in businesses allowing their staff to take home company resources. The risks associated with that decision are critical. After 13 months, we’ve learned a lot about staying secure, collaborative, and productive while working from home. Read on to learn more.
Risks of Remote Work
- Workstation health
- Tablet & Smartphone health
- Network health
- Uncontrolled environments
How to Enable a Secure Remote Environment
The New Security Perimeter – The security perimeter used to be the firewall that protected all corporate devices in the on-site environment. With the shift to working from home, the perimeter had to shift from being on-premise to being hosted in the cloud. This requires a multi-layered approach called “Defensive Depth” which ensures complete protection.
Multi-Factor Authentication – MFA is an electronic authentication method in which a device user is granted access to a website or application only after successfully presenting two or more pieces of evidence to provide proof of identity. It involves providing something you know (pin/password) with something you have (debit card/device) to authenticate your identity and access the system.
Security Awareness Training – User security training has become increasingly important during the pandemic. A huge percentage of communication is being done through email and instances of phishing attempts have skyrocketed. To ensure your employees are making it a priority to keep your company data and systems safe from attackers, it’s imperative to utilize some sort of training system. Attackers can use social engineering and create emails that look like they are coming from a legitimate source, but in reality, they’re taking your information and sending it to the hackers. Security awareness training educates all users on a consistent basis to spot these phishing email attempts.
Single Sign On – SSO is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems. True single sign-on allows the user to log on once and access services without re-entering authentication factors. Due to the lack of frequency of signing in multiple times a day, it is easier to use a phrase as a password which would be harder to hack.
Endpoint Management – Endpoint management is how we answer the “device health” questions from above. Modern endpoint management systems, such as Microsoft Intune, can determine what type of devices are connected to corporate systems. From there, they can apply conditional policies to allow or disallow certain devices to company files and software.
Network & Environmental Risk Mitigation – For “Defensive Depth” purposes, encourage your users to review their wireless router and ensure they have one that does automatic updates. If they currently have one that doesn’t, provide incentives for purchasing a new one. Require that corporate devices are protected with full-disc encryption and MFA. Lastly, consider making a written policy that only employees are allowed to use the corporate device even if they’re at the employee’s home.
How to Improve Remote Collaboration and Productivity
The first step to enabling remote collaboration is to modernize the company’s file system. By modernizing the system, multiple users across the company will be able to access and edit the same document in real-time. In addition to editing simultaneously, all changes are tracked and logged for up to 30 days. The ability to invite an outside party to edit the document is available, as well. Their access expires after 10 days of inactivity so your users do not need to remember to remove access at the end of the project.
An avenue for staying productive is to offer Microsoft Office Teams. This platform gives users a dedicated space to work with teammates remotely or based on certain projects. With Teams, you have the ability to integrate other applications to the system – for instance, Planner is a tool that assigns users responsibilities and all members can keep track of progress on the project.