Many businesses have become more flexible with a mixture of office-based workers, hybrid workers, and fully remote workers.
Work doesn’t look the same as it did in 2019. And because of that, cybersecurity in 2022 doesn’t look the same either. When you have people working away from your office, you need to take additional security measures to keep your data safe.
1. Help your team secure their home routers
The router is the box that spreads the internet around the house. You might know it as the Wi-Fi box. You can give every member of your team advice and direct support to keep their router secure. Things like:
- changing default admin passwords to randomly generated long passwords;
- making sure the router’s operating system, known as firmware, is always up to date;
- and disabling remote access, so no one can change anything in the router unless they are physically on the property.
You could create a policy to make it clear that your team must follow standard security guidance for their home network if they want to work from home.
2. Make sure your systems are monitored
Your IT support partner should be monitoring your systems. That doesn’t mean having a quick check that everything is working as it should be and waiting for you to flag up any issues. It means they should constantly monitor your network 24/7, looking for anything unusual that may cause an issue—and preventing problems from escalating.
Unfortunately, cybercriminals don’t work to our schedules. They certainly don’t work a 9-to-5 job. It’s more likely that they’ll make changes when they believe no one is watching. And they may launch an attack at three on a Sunday morning to give them as much time as possible to do what they need to do. Your IT team needs to be ready.
3. Reassess your VPN
Virtual Private Networks have been invaluable over the last couple of years. But while they’ve allowed remote access to your business network, the large-scale use of VPNs has created a higher risk of a data breach. If a hacker breached a device using a VPN to get onto your network, it means they could have full access to everything without needing to pass further security measures.
An alternative option is to ditch the VPN and take a zero-trust approach. This means the credentials of every device and person trying to access the network are challenged and must be confirmed. If a hacker does gain access, they can only cause damage to the specific system they have accessed.
4. Carry out a security audit
The best way to ensure your business is protected from this kind of attack is to get a security audit. Take a look at the security you already have in place and identify what’s missing to keep your business as safe as possible without getting in the way of everyday work.
If you’re working with an IT support provider, they should already have a fully detailed account of your security systems. It’s worth asking them what weak areas they have identified and your options for improving them. An expert will assess your business and how your people work and make suggestions on the security measures that will work best for you.
Protecting your data while employees are working from home is not straightforward. However, a layered approach to security can lower your risk of an intruder getting into your business network via an unsecured home network.
Information used in this article was provided by our partners at MSP Marketing Edge.