If you’re a small to medium business with concerns about the security of your data when much of your workforce is working from home, you aren’t alone. In our last blog, we discussed how to keep you and your team working from home productively. As a follow on from this, let’s discuss how to manage and maintain business information security while managing remote teams.
Data security challenges for remote working teams
Maintaining business information security when you have teams working remotely can be a challenge.
Many organisations had to rush to move their teams to remote working mode to minimise the rampant spread of COVID-19. For many, this has meant they’ve been stretched not just to provide the hardware to accommodate this, but the security measures to protect their organisational data at the same time.
Data security tips for remote working teams
As a small to medium businesses with or without dedicated in-house IT services, there are a number of information security controls that can be implemented to protect your team as well as your organisational and customer data.
1. Review home security measures
Physical home security is just as important as office security when you have remote workers. Locking doors and windows when not at home to prevent theft of work laptops or physical files – as well as maintaining good practices like password protection and locking your workstation when you aren’t at it – is critical.
If a laptop is stolen from home, the last thing your company needs is someone with nefarious intentions having access to your network and confidential files, not to mention sensitive financial and customer details.
2. Implement data encryption, if you haven’t already
Data encryption using Multi-Factor Authentication (MFA) and an authenticator app is strongly advised for organisations regardless of where your teams are working.
MFA is a robust means of protecting your devices and organisational data from cybersecurity threats, and removes human error in managing and setting passwords. It requires someone logging into a device to present at least two verification methods; usually a password and a code, or biometric (e.g., thumbprint, or facial recognition).
If you haven’t already implemented either MFA or two-factor authentication for your company’s devices, we strongly recommend doing this.
3. Ensure home routers are secured
Many of us are guilty of using the default passwords set by the manufacturer of our home routers, and perhaps even having the login details sitting near our home workstations unsecured. It’s easy to forget that the device being used is company property with access to data that shouldn’t be shared with anyone outside of the organisation, and this includes when that device is being used at home on personal wi-fi.
Doing a quick credential check of your wi-fi router to make sure the password is complex enough not to be easily breached is a good first step. Then, if you really need to have the wi-fi code written down, make sure it’s stored somewhere secure.
4. Use a VPN
Virtual Private Networks (VPNs) create a private connection across a public network, securing your internet traffic through data encryption. This prevents anyone intercepting your online activity, which can be a risk in public settings like cafes and hotspots, as well as at home if your network security is minimal.
5. Educate your teams
Educating your team on cybersecurity is important, so that they understand the very real risk to themselves and to organisational systems and data.
In the Australian Cyber Security Centre’s annual cyber threat report (2020-21), the ACSC reported over 67,500 cybercrime reports (up 13% on the previous year) and Australian business losses of $33 billion. Investing in cybersecurity awareness training for your remote teams will help your staff be more aware of risk from:
- Malicious emails, including phishing emails
- Opening email attachments from senders that they don’t know
- Password sharing
- Downloading unapproved software and files on company devices
Is your remote working data security up to scratch?
Working from home has many benefits for both companies and their teams, but comes with risk if your organisational controls to manage business information security aren’t robust enough to protect your technology, systems and users. If you’re a small to medium business that doesn’t have an in-house IT function, or one that does but would like to know more about what data security controls you can implement, Computer Cures is here to help you and your remote workers.
Need help with data security for your remote working teams?
Remote working presents many challenges and opportunities for organisations, and here at Computer Cures, we understand how critical it is to get this right. If you’d like advice or assistance to setup, configure and maintain your organisation’s information security, give us a call on 1300 553 166 or fill out our contact form; we’re here to help you.