Whilst many organisations have adopted remote working to some degree the emergence of any disruption, such as COVID-19, presents an immediate threat and challenge to all normal ways of working. Whether looking to greatly increase the number of people and departments working away from the office or having to consider implementing it for the first time it calls for serious and strategic changes to be implemented quickly.
At Boffins we have been considering the practical advice and guidance that crosses our desks from the NCSC and our trusted cybersecurity partners at WatchGuard, Kaspersky and Sophos; we can advise you on how to move quickly and decisively. We can help you avoid possible missteps that could compromise the security of your systems, integrity of your data and safety of your employees, customers and suppliers.
1. Ensure that it is secure
It’s important to consider that any remote worker’s machine is an extension of your organisation’s infrastructure and is covered by the same data protection obligations as those “inside” the office.
Provide all remote users with advice and training about opening attachments and clicking on links; it is likely that a continued escalation of the COVID-19 situation will see an increased number of malware attacks and carefully crafted scams.
If your organisation BYOD (Bring Your Own Device) policy doesn’t allow employees to use their own equipment have they got mobile equipment such as laptops or tablets which will enable them to work remotely efficiently.
Many SMB’s may not have written IT Policies and may allow employees to use their own equipment because it’s simply quick and easy. This can be a dangerous approach as the company doesn’t know the health of the device. The three key things you want to be able to set up easily and correctly are: encryption, protection and patching.
2. Necessary user access
There is little or no value in a remote worker being sent home if they cannot access the systems needed for their work. Whilst some may find that Office 365 provides most or all that they need others will not. Secure remote access to those systems must be established if work is to progress!
If employees have slow or limited internet access make management aware, allowances can be made, or priorities set in order to support those business professionals endeavouring to keep things moving. It is worth checking your home internet provider allows secure VPN so you can establish an encrypted link to your offices if required.
3. Stand by your users
Users who are new to working remotely are making a lot of adjustments; working from home sounds great but often the reality is rather different. The environment is very different to the office; it may be quieter (or noisier!), rather lonely and the reason why they are working at home may itself play on their minds.
Helping users address connectivity issues, patching issues, security messages and similar distractions will prove key in giving them confidence that someone has their back.
Communicating with colleagues is crucial, which is why remote meeting and collaboration services are in high demand.
4. Keep it simple
For employees that are not used to working remotely the last thing they need in this time of change is an over complex system which they are not familiar with or have difficulties accessing. Solutions such as Office 365 or Remote Desktop Services offer methods of simplifying and securing your data and IT systems.
5. A road to chaos, paved with good intentions
Shadow IT is a term used to describe unauthorised hardware and software implemented by users; it happens in organisations at the best of times.
Now consider how a group of users may react to finding themselves working in disparate locations and “needing to get things done”. Sooner or later they will probably try using tools they’ve used before or others that they discover. Online chat boards, chatrooms or seemingly innocuous conference apps.
There are risks here: security and data breaches are a distinct possibility for both the company and the individual.
Under normal circumstances an organisation would have the time to consider its options and implement its preferences; for many remote working is not the first choice or is clearly beneficial for certain roles or individuals.
But we are facing a decidedly abnormal situation and one whose speed, scale and scope or development might be modelled yet remains unknown; and after this particular episode when will another be encountered?
We can work with you to help your organisation assess the options and quickly deploy a robust and reliable solution to enable safe, secure, remote working.
Call us. Talk to us. Work with us.