You've probably heard the phrase 'the new normal' referred to more times than you can count. But there's a reason it keeps popping its weary head into our vernacular, especially when it comes to how we work.
For businesses, it means remote working, and many are embracing it. After all, it offers increased flexibility and improved collaboration. That said, it's not without risk. Thirty-nine percent of businesses have reported cyber breaches since March 2020. And yet there's no need to despair. There are measures you can take to improve the security of your remote working. In fact, we've come up with ten things you can do today.
1. Update your remote network connectivity
VPN allows remote access to networks over encrypted connections. But as the attack surface expands, hackers are exposing VPN vulnerabilities. Thankfully, there's a new(ish) kid in town. SD-WAN allows real-time access control, while securing not only endpoint devices but traffic from the network to the cloud, too.
2. Install security software
Here's a scary statistic: phishing attacks are responsible for 83 percent of cyber breaches. Terrifying indeed, until you take into account that there's software to keep these threats at bay. Microsoft Defender for Endpoint, for instance, comes not only with anti-phishing capabilities, but anti-virus and anti-malware, too.
3. Train your staff
To err is, alas, very human. In fact, 85 percent of security breaches involve the human element. This often happens when someone can't spot the difference between a legitimate email and a phishing attack. Train your staff to recognise the warning signs of breaches as well as to run scans regularly.
4. Run tests
This is sneaky, but it works. Send your own version of a phishing email, sans the virus of course. Then you can provide urgent training to whoever opens it. But there are also ways to identify threats within your network, so you can quickly mitigate them.
5. Create a security checklist
Create a checklist for your staff to follow on and off-site. This should include everything from installing anti-virus software to not leaving remote devices unattended.
6. Encourage transparency
Encourage your staff to raise issues as soon as they occur using a 'just culture' no-blame approach. This will enable you to mitigate damage more quickly than if they were to keep mum.
7. Limit access permissions
Even if you're simpatico with your clients and suppliers, granting them unlimited access could put your network at risk. Reduce the chance of breaches by restricting the access permissions of users outside your organisation. You can easily set different levels of access with Azure, or disable accounts entirely to be enabled again when needed.
8. Implement multi-factor authentication
Add an additional level of security with multi-factor authentication for emails, files, and any site or app you use on company devices. This will stop hackers from exploiting passwords, and ensure only authorised people gain access.
9. Don't BYOD (or do it carefully!)
Bringing your own device can increase the risk of theft. It's also fraught with other
security issues, like insufficient access control. Consider issuing devices for company use only. Then you could install next-gen Firewall-as-a-Service for state-of-the-art security, no matter where they are.
However, we know life post-pandemic isn't quite as it was. Providing devices for all members of staff just isn't an option for lots of organisations. So, if BYOD is your thing, you'll be happy to hear that Microsoft have put together some guidance around secure remote working with a BYOD policy. The guidance covers the Microsoft 365 services (including Azure Active Directory and Microsoft Intune) that can be adopted – and how businesses can mitigate the risks associated with remotely accessing unmanaged devices.
10. Ask the experts
A dispersed workforce creates its own unique set of challenges. If you want to take your security to the next level, ask experts to identify your weak points and what you can do about them.
Work remotely — stay secure
Remote working comes with lots of benefits. But if you don't consider the security risks, it could cause costly data breaches and destroy your business's good name.
Luckily, there are plenty of ways to secure your business when remote
working. We outlined ten of these here, but if you want to know more, we're always happy to talk. After all, we're old hats at working in 'the new normal' (and that's the last time we'll mention it!).
We’ve even put together the Azured Guide to Identity and Access Management so you can find out to avoid the fate of the Death Star.