Creating a Resilient Workforce for a Secure Remote Future
Back to business?
Now that more companies are reopening, employers may be wondering how to sustain the flexible remote work options necessary in the wake of COVID-19.
Two-thirds of business cyber security incidents occur due to system vulnerabilities or employee-activated breaches such as phishing scams. A successful shift to remote or flexible staffing can only be guaranteed if you’ve taken the proper steps to keep your business’s networks safe on all fronts—even the home front.
How can businesses adjust securely to permanent shifts in remote work arrangements? Here are some tips that can help you facilitate on-site and remote staffing arrangements and cyber security policies to protect your employees working from home.
Focus on Home Hardware Security
When stay-at-home orders began going into effect at the beginning of spring 2020, many businesses were unprepared to sustain a large remote workforce. IT departments around the world strained to keep up with the demand of such a sudden change.
The safest option for employees working remotely is company-owned hardware that is protected by enterprise-grade firewalls and security monitoring from IT professionals. But not every company has the resources to purchase all new laptops to make sure all workers are set up to work from home safely. This means some remote workers may have to temporarily use their own hardware.
All elements of a work-from-home setup must be maintained to protect against the constantly changing cyber security threat landscape. Any systems that access company data must receive regular security updates, and personal computers should have their own user profiles without administrative access to be used only for business purposes. For employees with access to sensitive information, an enterprise-grade firewall is considered essential by IT experts.
Whether your employees are using their own personal computers or those owned by your company, always consult with your IT support team or a managed services provider (MSP) for guidance about the best options for your business’s needs.
Cyber Security Training Is Worth the Effort
Whether or not your company already implements cyber security training for all employees, it’s imperative that you focus on it in the months ahead. Remote workers are exposed to a different environment than in the office, and they might be struggling with personal complications due to the global impact of the pandemic.
Continuous training keeps all employees on the same page concerning the company’s security and privacy expectations, which is essential for those working from home. Provide frequent refreshers on practices such as your company password policy, application permissions, and multi-factor authentication (MFA). If you’ve been putting off implementing a company-wide MFA policy, now is the time. These systems provide users with a one-time access code or biometric sent to a second device, such as your mobile phone, that can be used to confirm the identity of the user.
According to BakerHostetler’s 2019 Data Security Response Report, “raising employee awareness and employing multifactor authentication are still two of the best defenses against these attacks.”
Encourage a practice of checking in with a coworker if a suspicious link hits your inbox. In addition to referencing training materials, employees can work together to keep everyone accountable and informed. A simple gut-check is often the only step necessary to confirm whether an e-mail is a cleverly disguised phishing scam. Always ask before you click!
Cyber security training shouldn’t be approached with a “one-and-done” outlook. The digital threat landscape has adapted to the pandemic as much as businesses have, and remote workers are the most vulnerable. Training should be constant.
Listen to Your Employees, Even When You Can’t See Them
One of the first lessons businesses learned at the beginning of the COVID-19 pandemic was the value of good communication. Suddenly the systems we relied on every day were swept out from under our feet, and every aspect of our lives changed overnight.
You’re going to have to consider employees’ individual needs. Some employees may be itching to get back to the office, while others will be uncomfortable with the risk. Until the way forward looks clear, consider implementing a flexible staffing model that allows those who feel safer working from home to continue doing so while still providing support to those who choose to work in-house.
Be mindful that your business is not the only institution affected by COVID-19. Employees working from home are likely overwhelmed by video calls and meetings from every part of their lives. However, checking in with your team and asking them about their challenges will do a lot to maintain everyone’s morale and productivity. Give your employees the space to articulate what they need in terms of hardware, software, or other support to keep daily operations going strong. Pushing your team beyond reason creates burn-out attitudes and pushing the use of unsecure personal computers for sensitive data creates opportunities for cyberattacks.
Business success in a post-COVID world lies in the balance of both digital and social awareness. Trust in and advocate for your IT support team and workers. Flexibility and security will help you build a successful remote workforce ready for whatever challenges you may face in the future, while providing for clients’ and employees’ needs.
Amy O. Anderson is a principal partner at Anderson Technologies, an IT company that optimizes technology to meet the demands of small and mid-sized businesses. For more than 20 years, Anderson Technologies has provided the IT solutions firms need to be competitive in today’s marketplace.