Remote work was trending even before the pandemic came along and made it mandatory, thanks to rolling lockdowns. According to research from Roy Morgan published in June 2020, nearly a third of Australians were working from home. Before this, forward-thinking workplaces were offering flexible working solutions to try and capture and retain top talent.
In PwC’s US Remote Work Survey 2021, 55% of employees would now prefer to work 3+ days a week from home, whereas 68% of employers wanted them in the office 3+ days a week to keep a strong company culture. While finding the right balance is going to be a question for the future, it’s clear to see that remote work is here to stay for the long haul.
While you may have put systems into place to make work from home possible during Covid, it’s important that they now lock down remote work security properly, if you haven’t already. Here are our top five work-from-home WFH security recommendations to help you make that happen.
1. A Secure Web Gateway (SWG) for all users
“A secure Web gateway is a solution that filters unwanted software/malware from user-initiated Web/Internet traffic and enforces corporate and regulatory policy compliance.”
You can think of SWGs as akin to firewalls, but for cloud-first infrastructure rather than your onsite networks. With SaaS cloud products now the number one target for attackers, you need your cloud-based infrastructure, apps, and services all as secure as they can be.
SWGs live in the cloud and protect any user on any device (including BYOD) against threats from websites, managed or unmanaged apps, public cloud environments, and custom apps.
Trying to get a solution that covers all incoming and outgoing connections across such a diverse technology landscape is tricky. Traditional SWGs and next generation firewalls can no longer keep up.
We recommend instead a next generation SWG like Netskope’s solution. It includes a range of security microservices such as API/JSON decoding, compliance, and data protection. It is rich in data collection and analytics to ensure security is not just reactive, but proactive, too.
2. Data loss prevention policies configured correctly
Which of your data needs protection? And are you sure that it is secure? Data loss prevention policies are specific needs, covered by technology and processes that help guard against data loss.
For instance, organisations may have in place data loss prevention policies that cover compliance in GDPR regulations for personal data.
How you configure your data loss prevention policies depends on your technology architecture. For example, while some products have data loss prevention options built into the software, others do not.
For instance, with Microsoft 365, you can browse to the Security & Compliance centre, then select Policy under the Data Loss Prevention tab. This is why large, established vendors are an attractive option, as this is often an option – just make sure that you review policies regularly.
3. MFA turned on for all users, all applications, and all cloud services
Multi-factor authentication may be annoying at times – but it’s an essential for remote working to protect company assets. If a password is stolen, multi-factor authentication can stop an attacker from gaining instant access to your systems.
MFA can come in many forms. Usually, primary authentication is done with a password. Other authentication can be a fingerprint or other bio-password, such as facial recognition. It can be in the form of a code sent to an authenticator app or to a phone number. For very sensitive systems, MFA can require multiple parties to sign on at once.
All devices, apps, and cloud services these days have a multi-factor authentication option available, you just need to switch it on – as it’s usually not switched on by default. Make sure there is a record of the types of MFA used for each user, application, service, and device.
4. Staff home IT equipment has secure passwords
123456789? PASSWORD? Rex1984? Microsoft$$$? These are all terrible passwords. Password management has been a massive headache for everyone since the computer was invented. But that doesn’t mean we are able to simply give up. For all home IT equipment – routers, laptops, phone, tablets, etc., we need to have strong passwords in place.
Passwords should be long and complex. Long and easy to remember passwords may be random words strung together with capitals, numbers, and symbols thrown in for effect. You should never use sequential numbers or letters or qwerty letters, nor any personal details which an attacker could know. Substituting numbers for letters, such as W3LL, can’t be used either.
Password generators and banks, such as those offered by LastPass offer strong passwords and a secure place to store them. Just ensure that the password to your password generator/bank is a strong one to protect all the other passwords!
5. Backup and retention policies correctly configured
Backup of data and systems configurations is essential in the case of an unforeseen event such as a ransomware attack, or even just losing a device. Backup and retention policies should be correctly configured to ensure backups are secure, whether encryption is needed for certain data, that they are performed often enough, as well as how long snapshots should be stored for.
At a minimum, there should be daily backups, a weekly backup for a certain time period, a monthly backup for a certain number of months, and yearly backups. This all depends on the type of user data you want to keep, too.
Backups can be stored in the cloud or on your own dedicated servers, in the case that data needs to be restored.
Let’s talk remote work security for your business
Make sure that you get it right with your remote work security by bringing in the experts. A1 Technologies can help put into place the right systems, tools, and policies to ensure your business data remains safe and you are industry compliant. Chat to us to heighten your security and learn how to remain safe in the future.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- Was your commercial or government building built in the past 25 years or so? Houston, we may have a problem. Your temperature control,...
- 5G! It’s coming! Now, what on earth is it (other than a speedier mobile internet connection) and what can it do for your...
- Numerous organisations have started using Azure DevOps for their deployments. It is an all-inclusive package that offers a broad spectrum of services covering...