Five best security practices for remote teams during COVID-19 and beyond
source link: https://itwire.com/guest-articles/five-best-security-practices-for-remote-teams-during-covid-19-and-beyond.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Tuesday, 27 July 2021 12:14
Five best security practices for remote teams during COVID-19 and beyond
By Chris Smith, alliance & partner manager for ANZ, M-FilesGuest Opinion: Social distancing measures taken by responsible employers have greatly increased the number of employees working remotely. During COVID-related lockdowns and restrictions, some companies and their employees can enjoy the objective benefits of not having to waste time and money on long commutes. Concurrently, plenty of businesses still do not have the structure in place to support a vast, full-time work-at-home workforce with the security or business processes they needed.
Because employees or departments scrambled for ad-hoc solutions to remote working, they sometimes sacrificed robust security to get up and running as quickly as possible. Cybercriminals can also work from home or other remote locations, and many saw the rise in remote workers as an opportunity to exploit.
For example, a survey (1) of security professionals found:
· Most security employees struggled to offer strong security solutions to remote employees.
· At the same time, almost half of the respondents reported seeing an increase in phishing attempts.
· Most of these corporate security pros had concerns about their ability to scale security, respond to abrupt environmental changes, and the difficultly of controlling employee use of unknown and untested software.
Five security practices for remote employees
With the increase in cyberthreats and the concerns of security professionals in mind, it is useful for organisations to consider security best practices for two reasons: to help keep business systems free of threats and to ensure compliance with rules that govern privacy and security in different industries.
1. Two-factor authentication
With two-factor authentication, sometimes called 2FA, users must finish their login with a code that gets sent to another device, typically a mobile phone. It takes a few seconds longer to access the system, but it provides better protection against phishing attacks. One CTO (2) found that this simple measure reduced security problems in his company by almost 40 per cent.
2. Use secure connections
Most home workers will rely on their home Wi-Fi connections. Without any other protections, security will only be as good as whatever the employee's home internet company, router, and password can provide. To boost security, businesses may encourage employees to login through a virtual private network (VPN) or other methods of encrypting communication between home devices and corporate systems.
3. Endpoint security and monitoring
No matter how well the IT department protects logins and communication, it is still difficult to avoid the threat of malicious code entering systems. On the server end, organisations can employ software to block threats and monitor system usages.
Even though most threats stem from accidental vulnerabilities, it is impossible to ignore the rise of inside jobs as a source of risks. Not only will these systems provide a firewall against malicious software, they can also send automatic alerts for unusual data use and provide a clear audit trail just in case something does happen.
4. Develop and create clear security policies
Even before the coronavirus outbreak, companies grappled with security issues that stemmed from remote workers and the rising use of personal devices. For example:
· Personal devices may be allowed if employees adhere to security policies. For instance, mandating the installation of approved security software and only allowing employees login to the business network through corporate VPN.
· Employees in sensitive areas or departments can only use laptops or other devices that the IT department issues to them and to only use the devices in approved ways. This includes restricting these company-issued devices to work-only activities and not letting employees use them to watch videos or browse social sites.
It is important to develop clear policies. In addition to communicating these rules, organisations should ensure that employees understand why they are important and that they can incur consequences for ignoring them.
5. Deploy secure information systems
Deploying intelligent and robust document and data management systems may not take as much of an effort as businesses think it will. These systems come designed and built to offer robust security and rule-based access for both in-house and remote workers. They also provide audit trails and guarantee recoverability, so if something suspicious happens, it is easy to trace the issue to its source and remediate it. They can also help improve other important business processes.
Companies that employ a smart data management system worry less about an abrupt change from working in a corporate office to a home office. For example:
· Access to documents could already have been set by role, so the people who needed information would have an easy time accessing it, according to their security levels. To others, that same information would be invisible. The right people could view, change, add, or delete information, and others would not even see it exists.
· With built-in encrypted access and simple rollbacks for recoverability, an intelligent information management system can meet the requirements for the most sensitive data and systems.
(1) https://blog.checkpoint.com/2020/04/07/a-perfect-storm-the-security-challenges-of-coronavirus-threats-and-mass-remote-working/
(2) https://digitalguardian.com/blog/securing-remote-workforce
Subscribe to ITWIRE UPDATE Newsletter here
GRAND OPENING OF THE ITWIRE SHOP
The much awaited iTWire Shop is now open to our readers.Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.
PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.
Products available for any country.
We hope you enjoy and find value in the much anticipated iTWire Shop.
INTRODUCING ITWIRE TV
iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.
In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.
We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.
See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK