Improving security and compliance in remote work environments

If your organization is like most, your employees are working remotely, and your business continuity plan is being put to the test (understatement of the year, we know).  

You’ve been forced to rapidly figure out how to equip your employees to work from home, collaborate with each other, and stay productive—but the shift to remote work also means that many of them could be using unsecured devices, apps, and Wi-Fi connections.

And that’s not all. Are your workers saving their data to the right locations, tracking it by the right systems, classifying it correctly, and keeping it out of the wrong hands?

These aren’t normal times—which means you can’t take the same old approach to data security and compliance. Every day, hundreds or even thousands of remote connections are accessing, editing, and introducing new data into your systems of record.  

Not surprisingly, hackers are seizing the opportunity to access unsecured business and personal data. In fact, between March 10 and April 10 of 2020, remote desktop brute-force attacks in the United States surged 330% over the month before.

Your organization must focus on meeting its security and compliance requirements. Here are some common challenges that businesses are facing, and suggestions for how to increase security awareness in the workplace—no matter where that might be.

Challenge #1: Access security and control

For years, organizations have turned to cloud-based programs for collaboration. While these programs can help your teams work together and exchange information, they can also lead to information oversharing. And now, with most or all of your employees remotely logging into your systems, what if you’re unknowingly giving access to the wrong people, or exposing your information to be compromised?  

Internally, employees might be using unauthorized tools to access company systems of record—or using easy-to-crack passwords that hackers could use to steal sensitive data. And externally, your company could be inadvertently sharing too much information with external companies, partners, and vendors.

Solution: Increase data and information security  

If your organization is experiencing sudden dips in usage of authorized platforms and tools, this could indicate that remote employees are using a different platform to access data. Usage spikes are concerning, too; for example, abnormally large downloads of information could indicate a security breach.

Be sure to implement IT health checkups and proactively monitor what data is being shared and with whom. Here are some ways to more effectively manage and track who accesses your systems of record and networks, so you can respond proactively to any threats:

• Install security software on every computer in your organization to scan for malware
• Require employees to log in, preferably as part of a two-factor authentication process
• Use strong firewalls, and update them regularly
• Educate employees about security issues: how to identify phishing emails, create a strong password, and keep work devices free of personal information
• Ensure computer operation systems and applications remain up to date
• Actively monitor your business network in real time to quickly spot threats and other issues

Challenge #2: File security

Here’s one scenario to look out for. Currently, all presentations are remote presentations—and because presentation platforms can be glitchy and email can’t handle large file sizes, many presenters share files with colleagues via free file-sharing programs. While these programs are convenient, that convenience can come with costly risk to your business—like potentially exposing your private documents or libraries to security threats.  

Solution: Enable secure file sharing  

IT departments should actively promote the systems that are available to employees for file sharing and collaboration. They should also hold virtual training sessions to walk employees through basic “what if?” scenarios to ensure that everyone knows how to collaborate and send files securely. To identify new “rogue” collaboration tools early (and potentially bring them into the fold), IT must ask employees for input and feedback. Finally, make sure your organization has an easy-to-use, accessible file–sharing tool to minimize the need to transfer files externally.

Challenge #3: Systems security

When your teams worked from your office, it was easy to create a strong corporate network with intranets, firewalls, and other security measures—but now, employees may be finding that it’s harder to access data because local networks can’t keep up with access demands.

Solution: Migrate legacy content to the cloud

Many regulated companies have put cloud migration on the back burner, relying on their legacy on premises or hybrid infrastructure—which, increasingly, can’t keep up. Move your content to a cloud-based system now; the cloud delivers reliable security and better accessibility and scalability. It also makes collaboration easier for your employees, which means that they’re likely to work together more productively.

We know—these are strange times we’re living (and working) in, but you can help your business continue to thrive and come out stronger on the other side by giving your employees the tools they need to work efficiently, productively, and securely.  

After all, effective cybersecurity is always an essential service.

‍

*RDP Attacks Surged by 330% in The US Amid Pandemic, Atlas VPN, May 2020