While remote working has been relatively commonplace in some companies, 2020 turned it into the norm. In the blink of an eye, employees all over the world made the move from the office to working from home. COVID-19 caused a major upheaval in most organizations, and those who could work from home were integral in keeping the economy going.
However, because of the sudden onset of the pandemic and the lockdowns that followed, businesses had little time to ensure that proper security protocols were put in place. In an office, systems are in place to keep data safe, but in the home environment, these safeguards fall away.
As a result, cyber-attacks have skyrocketed by over 400% as hackers capitalize on employees accessing corporate infrastructure from unsecured or vulnerable home networks. Not only does this put organizations at risk of data theft, it also puts them at risk of falling foul of regulations such as the GDPR, and facing huge fines.
If you need to do the same, consider the following steps to protect your business, and your employee’s privacy:
1. Update Your Antivirus Solution
When everyone is in the same office, it’s far easier to ensure that only sanctioned devices on the premises are linked to your network.
You can also enforce an IT policy that prohibits the downloading and installing of programs and applications that might cause harm to your network. Additionally, you know that people are all connecting to your network and accessing your data via the secure internet connection you’ve set up.
To protect your company’s online infrastructure, it’s essential that your employees all have suitable antivirus protection on their devices when working remotely. This will ensure you’re protected against most malware and hacking attempts.
2. Provide A VPN
A Virtual Private Network (VPN) is a great online security tool for those who connect to public Wi-Fi, or use a Wi-Fi network that isn’t confirmed as being secure. VPNs prevent outsiders on the same network from spying on what you’re doing—capturing your private data, learning your passwords, and seeing what websites you access.
Your online activity is encrypted by a virtual network that acts as a secure, private tunnel. This virtual tunnel can be set up on any internet connection, and it’s a safe and cost-effective option for businesses of all sizes. All your employees need to do is install VPN software or connect via the VPN server.
3. Secure All Home Routers
Too many people are guilty of connecting new routers to the internet and setting up the network using the default settings. There’s also a common tendency to not secure the Wi-Fi connection, or set a strong password.
If a user can connect to the Wi-Fi without entering a password, that connection is not secure. Anyone can watch what happens over that connection—information sent and received, websites visited, and passwords entered.
The next big mistake people make is setting the network up as secure, but using the device username name and the password that comes with the router. These details are written on the bottom of the device for anyone to see. Hackers can also access this information fairly easily by searching for default settings on a router’s make and model on the internet.
It’s essential that any employees connecting to the office network or accessing work information (including emails) have taken the time to ensure their router isn’t easily hackable. It’s relatively simple to change the username and password via the router settings, and everyone should do it.
4. Use Company Programs For Communication And Storage
There are plenty of business tools you can use for your company’s online ecosystem that are secure. Office 365 and Google’s suite of business apps are both good options because they offer storage and processing programs, as well as messenger options for group chats and individual chats—both typed and videoconferencing. The company’s systems administrator can set up accounts for each employee and monitor who has access to what.
With this kind of system in place, your remote employees can have the same access to each other, and to relevant documents and projects they would in the office.
It’s also more secure when you use a paid-for corporate resource rather than the free versions individuals often have access to. This is a win-win for productivity because it helps to keep work and personal lives separate, something that’s a lot harder for employees working from home.
5. Promote Good Habits For Securing Devices
A major hazard for business or personal devices being used for company jobs remotely is not being able to keep them physically secure. Whether someone is working from their bedroom, on public transport, or in a restaurant, it’s important to lock the device when not in use.
Having a password or two-factor authentication that requires a fingerprint means that someone can’t access confidential company data or infrastructure accidentally, or with malicious intent.
Devices also shouldn’t be left out in the open unattended, even at home. Best privacy practices say that you should always keep smaller devices in drawers or cupboards when not in use. For items that aren’t easy to pack away, make sure they are not within easy reach of windows or open doors.
Although the switch to working for home happened so quickly, there’s no reason your business shouldn’t now take the time to update privacy policies and procedures. Keeping your employees safe and your data secure should always be a priority.
You can use your business plan template to outline the new approach your company will take to security. Plus, you can map out the way forward, and adjust your financials and projections in line with any equipment or infrastructure you need to invest in to maintain adequate security levels.
Your business plan should be a working document that defines the direction you’re going, and what you need to do to get there. By updating this, and all other company documents to reflect the “new normal” you’ll have a clear plan of action that can be implemented.
Once you have your documents, policies, procedures and all other necessary elements in place, include your employees in the conversation. Get them onboard with maintaining the highest possible standards of data privacy.
It’s a process you can get through together.