Circle the Wagons: 5 steps to protect your IT and keep remote workers connected

More remote workers are prompting employers to critically consider cybersecurity protocols while keeping employees engaged and connected.

From assessing remote capabilities and setting expectations, to implementing procedures and preventing cyber breaches, the following steps will help ensure remote workforce success moving forward.

Assess your company’s remote work capabilities.

For many companies, this shift to remote working happened almost overnight, leaving little time for adequate planning. Now is the time to audit and assess the new network access your company needs and consider any security implications.

Thing to consider:

  • Does the employee have a sanctioned device or do you need to acquire more phones/laptops?
  • Do you have enough VPN licenses?
  • Do employees have sufficient internet access to perform their jobs?
  • What cloud applications do employees use on a regular basis?

Set and communicate expectations for remote work. 

As many of your employees are likely working from home for the first time, now is a great time to reach out to your team to outline your company’s work-from-home policy. Some 24% of businesses haven’t updated their work-from-home policy in over a year, so use this as an opportunity to do so.

Things to address:

  • Availability and responsiveness: What hours do you expect your team to work?
  • Are remote workers expected to respond immediately? How will that expectation be communicated? For example, will urgent requests only be made by phone?
  • Devices and platforms: Remind your employees which tools and platforms they should be using, including company- owned or personal devices (remind them of your policies), cloud storage platforms, communication/video conferencing tools, project management tools, etc. Encourage your team to avoid all non-sanctioned devices and software.
  • Incident reporting: Where should an employee go if they feel like the company’s information may have been compromised? Who should they report the breach to, and what steps should they take to minimize the fallout?

Don’t forget to set your team members up for success with the right remote-work equipment. This could include a second computer screen to boost productivity or a quality web camera for the video conferencing calls they’ll be making with the team and with clients.

Foster a culture of cybersecurity.

Employees are under constant threat from targeted attacks. Your corporate culture is the difference between intercepting the attack or getting hacked. Hackers use techniques to manipulate and influence your users into taking the action they want, using authority and urgency as a weapon. As a leader, you should encourage open channels of communication so when any employee sees something they believe is a threat, they feel empowered that their concern will be taken seriously.

Consider:

  • Making training and awareness top priorities. Training your team members on potential cyber threats and concerns must be ongoing, especially since companies are at risk more than ever.
  • Share stories and reward behavior. When an employee reports a potential attack, they could be saving your business a major headache. Incentivize employees to share their experiences with receiving phishing emails, to discuss attacks against similar businesses and to report suspicious activity can help drive awareness and get others involved.

We highly recommend our clients take out a cyber-liability insurance policy for their business. Recovering from breaches is incredibly expensive and time-consuming. A cyber liability policy is designed to help organizations mitigate risk exposure by offsetting the costs involved with recovery after a cyber-related security breach or similar event.

Implement multi-factor authentication.

Hackers are increasingly targeting usernames and passwords for theft, placing your users’ account information directly in their cross hairs. For this reason, we recommend deploying multi factor authentication (MFA) to all your users so they are authenticated with more than just a username and password every time they connect to your network.

MFA also allows you secure access to cloud applications and environments that remote workers might access directly from the internet, adding an additional layer of protection at a time when businesses are most vulnerable.

What to look for in an MFA solution:

  • Application coverage. Your solution should protect all the critical applications your employees may need.
  • Simplicity. The solution should be intuitive for users of varying technical ability. Most solutions utilize an app on your users’ smartphones for ease of use.
  • Multiple authentication methods. Support for multiple online and offline authentication options ensures authorized users can access what they need, when they need it.

Keep endpoints free of malware. 

Malware and ransomware threats have accelerated. While endpoint antivirus solutions will catch many threats, they are powerless against evasive, zero-day malware that we see all too often. Endpoint detection and response (EDR) solutions cannot only detect these advanced threats, they can kill the threat and return the infected device to good order, 100% remotely.

Essential features of an EDR solution:

  • Automation and artificial intelligence. Artificial intelligence allows an EDR solution to use behavioral, heuristic and sandbox analysis methods to identify new threats as it sees them, even if it’s never seen them before. Automating detection and response can make threat response nearly instantaneous.
  • Host isolation. When a threat is detected, the infected host should be removed from connectivity with other parts of your network to avoid spreading infection.

About the author

Ben Eavey focuses on building Rehmann’s technology consulting practice to serve clients with the best IT engineering talent and project management in the industry. As director of professional services, he leads the professional services and project management teams and provides strategic direction for engineering across all Rehmann branch locations.

Published in Cybersecurity

Meet The Rehmann Team

Start typing a name ...
Searching for "{{nameQuery}}"...
Start typing an experience ...
Searching for "{{experienceQuery}}"...
Start typing a location ...
Searching for "{{locationQuery}}"...
Or view a list of team members

get rehmann expertise to drive your business in your inbox every week