In light of the Coronavirus outbreak, we have all come down to working from our study tables at home. Companies are obviously directed to consider Work-from-Home options as long as it's not an essential service as a measure of prevention. Everyone today is wondering whether this crisis is getting over anytime soon. Up until now, it was being managed but the lock-down 2.0 has sent the startups into serious contemplation about a prolonged work from culture.
Considering that a shift in work culture has its own set of challenges, this article addresses the most common cyber-security vulnerability in transiting to Work-from-Home. There is a recent surge in requests, even from large organisations to build a robust Work-from-Home IT policy, which can take care of the protection of sensitive data on employee devices, while he/she is working from home. But what worries me, is that most Small Medium Enterprises (SME) and Startup organisations have weak or almost no policy to counter the security issue arising from Work-from-Home.
Some basic steps in the direction of being Cyberspace safe organisation are discussed below for your understanding:
Companies take security too casually and assume that employees are aware of the do's & don't, but the fact is many are not fully knowledgeable in regards to security. Training employees on security measures like how to configure a safe home network treat suspicious emails and links, and what a secure password looks like can help keep your organisation's sensitive information secure. It's also important that employees understand work-owned computers are not family computers; it is for their use only.
Use tools such as #GoogleHangout, #Teamviewer #Zoom to conduct training and help the employees configure their home network.
Be Wary Of Wi-Fi
Using public wireless networks can be risky. Knowing that employees are likely to logon from cafés and other public hotspots, companies should set up a system to provide remote workers with secure access through virtual private network (VPN) software, which encrypts remote workers' internet traffic and monitors signs of infection.
There are a lot of free VPN solutions that you can use to secure remote access for your employees, few can be found in this article by #TechRadar
Use Security Software
Malware that is responsible for data theft usually infiltrates devices through the internet and email. Ideally, companies could restrict personal web browsing and email, however that isn't very realistic and is bound to result in push-back from employees. Instead, utilize security software along with the latest versions of all applications. Workers may not always make the necessary application updates on their own, so activate automatic updates from software makers to reduce vulnerabilities and ensure patches are deployed when needed.
I personally would always advise one to invest in security applications and not go for freeware security applications. I don't want to recommend any products here, but a quick look at the below link will provide you with pros and cons, to help you shortlist the best one suited for your needs:
Install Encryption Software
Of Course! Hacking of devices lead here, but lost and stolen devices can also be very damaging if they get into the wrong hands. Lessen the risk with whole-disk encryption software, which bars access to data by unauthorized users. Also, install remote-wipe apps on all mobile devices so data can be easily erased if the device goes missing.
A quick glance through the below link should help you understand encryption and choose the most suited products:
Move To The Cloud
Using a private, virtual private, or hybrid cloud enables employees to work from any location while handing over most of the data security responsibilities to a cloud service provider. A reputable provider is better equipped to manage and monitor security (especially beneficial for small business), and they are highly skilled and staffed in order to quickly respond to an attack and offer faster recovery times. In addition, a cloud provider generally offers higher levels of encryption so that data is not only easily accessible for remote workers on the move but also better protected from threats like ransomware.
Consider checking a list of various cloud-based service providers to shortlist your needs: