Working from home increases employee autonomy, cuts costs, and ensures the health and safety of the company during the coronavirus pandemic. The problem is, it also increases the likelihood of security breaches since employees are working outside the company's security perimeter. That’s why you and your staff must adhere to these security best practices.
Fortify user accounts
When everyone is working remotely, user accounts must be properly secured. One way to achieve this is by setting at least 12-character long passwords with numbers and special characters mixed in to make them more difficult to guess. More importantly, these passwords must be unique to each account, to minimize the damage if hackers do manage to compromise one set of credentials. If you find it difficult to generate and remember login details for all your accounts, consider password managers like LastPass, Dashlane, and BitWarden You will still need to create a secure password to secure your password vault. This password will be the most important since it is the key to all your other passwords.
To further strengthen your accounts, however, you’ll also need to enable multi-factor authentication (MFA). This adds another layer of identity verification — like fingerprint scans or one-time activation codes generated by SMS — to make it more difficult for cyber-criminals to hijack your accounts. Some password management solutions offer an MFA vault to store your MFA codes.
Use a virtual private network (VPN)
VPN's are primarily known for circumventing geographic restrictions on location-specific websites and streaming services, but they’re also a crucial tool for remote workers. A reliable VPN creates secure connections between devices and networks by encrypting internet traffic. This hides web activity from prying eyes, protects your employees’ online privacy, and mitigates the risk of hackers stealing company information.
Patch your software regularly
Although installing software updates can be a major nuisance, they cover critical weaknesses and protect your systems from the latest threats. Most apps now offer an automatic update feature so you don’t have to manually patch your software.
Another option for your business is patch management software. These track patches on employee devices and distribute the most recent updates on a company-wide scale.
Set up firewalls and antivirus software
Make sure to enable firewalls in your operating systems and hardware. These provide a strong layer of protection between your device and the internet, preventing malicious programs and other network threats from reaching your device. Your managed IT services provider (MSP) may also provide third-party firewalls in case your computers don’t have any built in by default.
In addition to firewalls, you’ll also want to implement antivirus software to detect and remove any malicious programs that do manage to find their way onto your device. Just remember to constantly update the software so it can effectively detect the newest malware.
Secure home routers
Home Wi-Fi routers are not as thoroughly secured as their business counterparts so take extra precautions to safeguard them. For starters, change your router password as soon as possible because hackers can easily break into them once they know the router model. You should also install the latest firmware updates to eliminate any security vulnerabilities.
Finally, check whether your router has Wi-Fi Protected Access 2 (WPA2) encryption settings to secure inbound and outbound traffic. If your router doesn’t have this setting, you’re overdue for an upgrade.
Back up your data
Important files must be backed up regularly in the cloud or an external hard drive. This way, you’ll always have a copy of your files in case of a major data loss incident like ransomware or a power outage. A good solution, and often included with basic Microsoft licensing, is OneDrive. This can easily be setup to sync Desktop, Documents, and any other important save locations.
Watch out for online scams
The biggest threat remote workers face is online scams. Phishing emails may entice you with free coronavirus test kits in exchange for personal information. Some cyber-criminals may even masquerade as legitimate companies, CEOs, or friends to trick you into clicking on dangerous links and attachments.
To avoid these threats, you must be critical of everything you see online. Look for any suspicious links and attachments, grammatical errors in the email body, and misspelled email addresses. Plus, never give out sensitive information to an unsolicited email, text message, or phone call.
Working from home poses many cybersecurity challenges for businesses, but you don’t have to address them alone. Security best practices for remote workers are crucial in today's work environment. If you need guidance with setting up firewalls, avoiding scams, and even enabling MFA, we can provide the IT support you need in this difficult time.
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution, also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.