Remote working: keeping your IT infrastructure and data safe

As part of managing the coronavirus situation, many organisations will have their staff working from home. But with the social distancing comes IT security challenges.

Many businesses will not have supported so many employees working remotely, and employees themselves may be unaware of best practices. By implementing appropriate controls and barriers you can reduce your risk.

1. If possible, do not use public Wi-Fi. Tethering to mobile devices is much securer but do be aware of data charges.
2. Use a secure VPN. Virtual private networks facilitate secure connections to the office and other colleagues. They authenticate users and devices, and encrypt data in transit between the user and your services. Additional bandwidth and licences may be required.
3. Encourage open communication about security incidents. Staff should know how and who to communicate with about security incidents, device loss and malicious emails.
4. Use strong account passwords and, if available, two-factor authentication. Different passwords should be used on each device and account. Password managers are useful tools to randomly generate passwords and store your passwords safely.
5. Collaborative working. Use secure collaboration and communication tools with end-to-end encryption that store data safely, such as Slack and Microsoft Teams.
6. Make sure data is encrypted. Most modern devices have encryption built in, however encryption may still need to be turned on and configured.
7. Keep software up-to-date. Remote workers should ensure they have up-to-date firewalls, operating systems, antivirus software and anti-malware on all their devices.
8. Circulate your IT security policy. Often employees see cybersecurity as their employer’s responsibility. Make sure employees know that data security is a priority by sending them your IT security policy to refresh their minds on your processes.
9. Keep your physical assets secure. As employee on-site presence is significantly reduced, it is important to make sure your devices and infrastructure are secure from tampering and theft.
10. Segregate your IT team. If part of your IT team are required to self-isolate, this will ensure business critical systems can continue to be supported.

Should you have any questions or if we can help with your technology updating or implementation projects, please contact the head of our digital and technology sector, Ryan Gracey.