Worried about your employees working from home?
There’s no question about employee engagement when they can work from home. As an employer, you are not only showing confidence in them, but you are also offering a flexible environment in which most people love to work. However, working from home created new security concerns for companies like yours, and more than ever data security concerns cannot be forgotten.
From a philosophical point of view, there are many reasons that an employer may have when granting their employees with the benefit of working from home. Studies have shown that employees who can work from home are more productive than those who work in the office, generating higher performance and productivity. Additionally, it enhances their moral, it reduces the risk of diseases, it helps the retention of personnel and leads to greater engagement and esteem from the workforce towards the company.
Still, many employers may be hesitant to offer a work-from-home option, even if it’s feasible and beneficial to their workers. Why is that?
Employers lose direct supervision and cannot witness productivity first-hand. That may be a rational reason to decline work from home, but on the other hand it may suggest that you have a problem with your employees or your management style. rather than a problem with working from home.
Another reason that employers may want to not work at home is because they fear that this will harm company culture and teamwork.
Working from home has become very popular lately, as almost everything is done digitally these days. If your company does not offer work from home, you are behind the curve. Top talent will want to have that option available and will choose to work for the company that offers it rather than the company that doesn’t.
However, from a technical standpoint, there are new concerns related to security and the intellectual value that is at risk. Along with new work practices comes a variety of security challenges. Without the proper precautions, working from home could become a cybersecurity nightmare. There is also a big risk that infrastructures will become overwhelmed, resulting in communication outages.
Working remotely can be a big transition not only for employees but the business too. The good news is that there’s lots of technology available to support and secure work at home. With the right solutions you can go about business as usual from home, even in the midst of a global quarantine!
This guide can help you alleviate your concerns.
Some companies resist allowing employees to work from home, as they worry about a drop in productivity. They want to be able to see their workers in action, and they want control over security and compliance concerns. Plus, not every employee wants to work from home. Some thrive on the social interaction and collaborative energy of working in a buzzing office. Well, everyone needs to get used to a new work environment now.
So, let’s start with the good news. Mobile working has been gaining momentum over the past 25 years for good reason.
Top 10 Employers Cybersecurity Concerns.
Email
Email is a core element of business communications, yet basic email security has remained unchanged for 30 years. Many small businesses are likely to still be using outdated Simple Mail Transfer Protocol (SMTP) when sending and receiving email. Cyber-criminals exploit the work-from-home practice through mass emails, the recipients review the email infecting their systems, or sometimes they are taken to realistic websites asking for their credentials. The solution is basic: employees need to be reminded, trained and tested. The best defense is common sense and your workers should get into the habit of pausing before responding.
2. Company devices.
Company devices meet minimal security benchmarks. Their hardware is designed to work within a corporate network, but their software has been optimized to cater to the specific needs of the individual user within the company environment. The introduction of personal devices injects a new element of risk into the security calculus. Remote workers should be limited to company devices. But if this is impossible, personal devices should be vetted by employer IT prior to being used for company work. Moreover, personal devices may be more susceptible to “physical breaches,” as employees may leave laptops or devices unguarded in places without the physical security of an office setting, such as in their car or at a coffee shop.
3. Secure networks.
The “free” WiFi available at cafes, libraries, or other public places carry a steep security price tag. Traffic is not encrypted, and hackers target such environments, leaving cyber mines that activate when a user of interest uses the network. If a remote worker lacks access to secure WiFi, provide a HotSpot. It is a security investment that will pay for itself many times over.
4. Remote access.
Your most valuable data should not be remotely accessible. Try to limit the network sections to the specific tasks that a worker performs. Limiting the access to your data, with degrees of value and sensitivity will enable your workers to complete their tasks without compromising the rest of your critical information unnecessarily.
5. Make it easy.
Without losing sight of your security and considering that your employees need to work, make functionalities as easy as possible. If access is too cumbersome, your employees will develop alternative solutions and shortcuts, such as downloading or saving sensitive company materials to their personal devices, desktops, thumb drives, hard drives and file hosting services in the cloud (e.g., Dropbox). Since an individual computer often has weaker defenses than a networked one, this presents attackers with an extra opportunity to commit their crimes.
6. Patching.
Your IT department should be particularly vigilant and should patch often. While this is a good general practice, it is particularly critical at a time when attackers are aware of a unique window of opportunity presented by the work-from-home practice. They will be using commandeered machines to scan traffic for opportunities. Ironically, opportunities are often identified by reverse-engineering software patches released by the major vendors.
7. Electronic traffic.
Like vehicular traffic, electronic traffic exhibits typical patterns over time and therefore must be continuously monitored. Some deviations are normal and expected, but your IT staff has the experience to appreciate which of those deviations may indicate a security problem. For example, high activity at night, or exfiltration of large data files.
8. Chatters.
Not all damages come from cyber-attacks. Humans are social by nature; employees like to talk, and jobs tend to be a favorite topic of discussion. In an office environment this is rarely a problem, but when employees work from home, they should be reminded that work conversations should be confined to private spaces.
9. Vendors and contractors.
Virtually every employer depends on vendor and contractors, and these usually have access to the same data and networks as your employees. You must ensure that your suppliers are contractually bound to the same safety standards as your full-time employees. This includes all of the above, from not using public WiFi, to limiting their access to relevant sites within your network.
10. Human Error.
Finally, safety is a people business and most breaches can be attributed to human error. Even the best-intentioned people make mistakes, and the opportunities to make such mistakes are increased when employees work from home. Luckily the cure is quite simple, your employees should receive periodic training on fundamental security issues. They should also rely on checklists and use them before shutting down for the day, just like a plane pilot uses a checklist when landing an airplane.
We’re now living in a time where it seems as if everything has changed and nothing is the same. Are the same security challenges and mitigation strategies still relevant with so many people working from home indefinitely?
Tips to maintain security when your employees work from home.
Requiring all your employee devices to be equipped with your own security software and the latest manufacturer software updates prior to permitting access to any remote systems.
Requiring multifactor authentication upon each login to your company portal;
Only allowing remote access through a virtual private network (VPN) with strong end-to-end encryption;
Prohibiting working from public places, such as coffee shops or on public transportation, where third parties can view screens and printed documents;
Prohibiting use of public WiFi, and requiring the use of secure, password-protected home WiFi or hotspots.
Imposing additional credentialing with respect to the ability to download certain sensitive data.
Have a healthy business working from home.
AT&T was the first enterprise to allow its employees to work from home, back in 1994. Today businesses of all sizes are embracing the digital technology and mobile applications that enable productivity from anywhere, at any time.
“92% of organizations saw adopting mobile work as giving them “a competitive edge.” (IBM Study)
Both the employee and the business can benefit from work from home. For the employee, this flexible work environment means:
Lower stress levels,
Improved morale,
Greater productivity,
Better work–life balance.
Businesses, meanwhile, see lower absenteeism among remote workers. It is also easier to recruit and retain workers from a larger talent pool. Geographic borders don’t limit the candidate search. Plus, mobile work tends to appeal more to the younger generations of employee now entering the workforce.
The International Workforce Group in 2018 surveyed businesses offering remote work. They noted the shift had helped them create a presence in new markets (82%), mitigate risks (73%), and optimize costs (89%).
So, now you’re feeling better about the prospects of continuing your business with people working from home, let’s talk next about how to do it right!
Technology for work from home.
Of course, not everything can be done at home. No one is going to be moving the business’s big machines into their home garage any time soon. Yet there are many things that can be continued from a remote work environment. You’ll need to start out by determining what capabilities you already have and what you need to add. The key areas to consider are:
Communications
Team collaboration
Securing the work from home platform
If no one is in the office, who is answering the phones? With Voice over Internet Protocol (VoIP), you can easily forward calls to the right people. Someone can use their mobile device as an office phone without the caller knowing the difference. Since it’s online, voice messages and even faxes can also be sent to the individual’s email inbox. Voice and video conferencing can take the place of work meetings, and if you’re holding these online, you can often record the discussion for future reference. You’ll also want to allow employees to continue to collaborate. What capabilities do you have now or need? For instance, can your remote employees:
Participate in collaborative, persistent chat with colleagues or clients;
Share documents and edit them simultaneously from anywhere in the world;
Make multi-party audio and video calls remotely;
Use their own devices to access all their applications in one place;
Work remotely without compromising security or risking non-compliance?
Remote work is easier when you’re providing access to all the tools and business applications employees need to get their work done. Doing this through a single platform that works for teams and customers drives even more productivity.
With collaboration tools such as Office365 or Google’s G Suite, people can easily access shared files online, and you don’t need to worry about version control. Everyone can work on the same documents in real time online.
Business collaboration software combines connection, access, and creation tools. They also integrate with calendars, task lists, and other business software such as customer relationship management tools and more.
Securing Work From Home.
When people are logging into your network on-site, they are doing so from within the boundaries of your security protocols. The IT team has given them access credentials to a secure network. Employees working from home could be trying to get on to your same systems from unsecured networks. Maybe they are logging in using the same username and password but are doing so via a home Wi-Fi router that is easily accessible by bad actors. Virtual private networks (VPNs) offer secure browsing. The employee connects to remote hardware (e.g. server or router) to then access your business systems. This helps keep sensitive data and proprietary information safe. Your IT team may also set up mobile device management software to monitor, manage, and secure laptops, tablets, and smartphones. However, these can sometimes be slower.
Key considerations for Work From Home technology.
The first thing to gauge is whether your business technology can withstand employees working remotely. For example, few consumer-grade routers can support VPNs into the business network. Business-grade routers that do still need to be powerful enough to handle multiple off-site employees simultaneously. There are some other workarounds to get up and running quickly that you can discuss with your IT Provider.
Internet speed will also be a factor. If everyone is going to be VPNing into the office or connecting remotely to a single desktop, your internet connection needs to be up to the task. Otherwise, you might need to migrate to a cloud-based solution. Then, the internet speed at your business won’t be a factor. The cloud options are hosted on powerful servers outside of your business.
Whether rejigging your internal hardware and processes, or moving to the cloud, keep compliance and regulatory issues in mind. Many cloud services offer industry-certified services, but you’ll also need to ensure your employee’s home computers meet the security standards of desktops in the office, which may mean providing access to antivirus software.
Plus, you’ll want to reiterate the importance of always updating with security patches and remaining vigilant regarding malware and social engineering.
Supporting your Work From Home.
In these challenging times, there may be too many moving pieces for your business to handle on its own. A managed service provider can help you set up your business systems to support work from home. We’ll identify what you have, what you need to add or upgrade, and where a simple supplement will do.
You don’t need to get bogged down by the need for more licenses, different software, or new hardware. That’s what we do best.
We can efficiently and effectively ready your business for remote work from home. Call us today! Phone: (305) 400-09925 Email: info@zakini.com Web: www.zakini.com