Even as Australian employers are plotting a path back to normality, with new COVID-19 outbreaks and ‘hotspots’ appearing in a number of states, it’s clear the new normal is likely to include remote work and flexible working arrangements in many workplaces for months or even years to come.
This fundamental shift in working arrangements also brings responsibilities and challenges for both employers and employees, including managing workplace health and safety, mental health, productivity and ensuring you implement and follow cyber security practices for remote workers.
Here are four critical areas you need to consider for effective remote work cyber security:
1. Use Secure Hardware
Data security could be compromised if employees working from home use their personal equipment, so it’s critical that businesses supply hardware such as laptops, PCs and tablets, with anti-virus and firewall software installed, and 2-step password verification implemented to access to your network.
This will help protect your business from ransomware and other common cyber crimes.
It’s also important to incorporate hardware security into your remote work policies, and ensure your staff is following secure practices including:
- Employees need to ensure their premises are properly secured to reduce the risk of theft.
- Never allow employees to use public Internet access (including free wi-fi)
- Never leave equipment unattended in a public place or when commuting
- Be wary of working in public places as information on screens could be seen by others
- Avoid using public charging stations as cyber criminals are modifying USB connections to install malware on devices.
2. Use Secure Virtual Meeting Tools
Mass uptake of virtual conference tools without end-to-end encryption (and other security flaws) has left many businesses vulnerable to hacking and malware, so it’s critical that you implement secure video conferencing to protect your business. Consider the most appropriate and secure tool for your business, and then implement and use this tool effectively. Read more about how to implement secure video conferencing in your business.
There are numerous virtual meeting tools available, however, security flaws have been revealed in a number of these tools, so we recommend using a leading collaboration tool such Microsoft Teams, which also provides a variety of best-practice security features including authentication protocols.
Similarly, emailing files back and forth is never a good idea. If your staff are working remotely, they should be using a secure, cloud-based collaboration platform such as Microsoft Teams, or at the least share documents on a platform such as One Drive, Google Drive, or Dropbox.
3. Implement Effective Cyber Security Strategy and Policies
Work with your trusted IT provider or internal IT cyber security specialists to develop a scalable and customised cyber security strategy and remote work policies to protect your business. If you already have a cyber security strategy, ensure it is updated regularly, and adjusted to accommodate remote work practices. If your policies and procedures aren’t aligned to remote working operations, you risk creating a ‘work around’ culture that increases security vulnerabilities.
4. Educate Yourself and Your Staff
Take cyber crime seriously! Cyber crime is a real and active threat to Australian businesses, and you need to understand the importance of cyber security and how to reduce the risk of cyber attack in your business.
- Ensure your staff understand and abide by your cyber security and remote work policies
- Keep up to date with the latest threats. Subscribe to credible cyber security alerts and communicate these threats to your employees
- Train your staff when implementing new technologies like cloud-based file-sharing and VPN
- Focus on changing ‘problem’ behaviours with a regular weekly or monthly theme e.g. how to create strong passwords, and what phishing emails look like.
Understanding and implementing effective remote work cyber security practices has never been so important. If you need help developing your cyber security strategy or would like expert advice on secure remote technologies and practices, contact Surety IT today.