A new phenomenon that’s being reported by companies during the coronavirus pandemic is the “stranded employee.” This results from a disconnect between an employee and their normal company structure while working from home.
A stranded employee can feel all alone and disconnected when it comes to things like technology support, task management, and IT security. This disconnect can be especially disconcerting when faced with increased phishing attacks and other security risks inherent with home networks.
In a flash survey of businesses shortly after COVID-19 began, 40% of employers said they had a problem with stranded employees.
One of the most challenging aspects of switching to a remote workforce during the pandemic has been giving workers the support they need. This is especially true when it comes to cybersecurity.
Data breaches and malware infections not only put company data in danger, they also can lead to sensitive information being stolen from other devices on the same network. This can lead to identity theft problems for an at-home worker.
There are six important security safeguards you can put in place for employees working from home. These will significantly reduce the chance of a data breach and mitigate risks that come from working outside a controlled office environment.
Do These Things to Keep Remote Workers Protected from Cyberattacks
There has been a significant increase in cyberattacks around the world since the coronavirus pandemic started. Hackers are taking advantage of a convergence of several unique factors:
- Business operations are disrupted
- Business data is being access from less secure home networks
- Fears about the pandemic can be exploited in phishing attacks
- Workers are often left without the security support they usually have
- Everyone is more distracted due to the pandemic
Just because employees are working from home rather than in the office, there’s no reason to just assume IT security will be at larger risk. Put the following safeguards in place and you can mitigate potential data breaches.
Secure Connections Through a VPN
A business virtual private network (VPN) is incredibly useful when employees are traveling and connecting through free hot spots. When your staff is working from home, it’s even more critical.
A virtual private network can bypass weak security of a home router. This allows you to put a blanket of protection across your workforce to secure their online sessions.
A VPN is a secure tunnel through which internet connections are routed. Employees simply turn on the application and their online traffic is sent through a VPN server that encrypts the data transmitted to keep it from being intercepted and compromised.
Daily/Weekly Cybersecurity Touch Point Meetings
Having a short daily or longer weekly video meeting with your team specifically to discuss cybersecurity is important. User awareness of things like the latest COVID-19 phishing attacks and what to do if they suspect a virus, keeps users on their toes. That awareness and regular reminder of IT security translates to less risk of a breach or malware infection.
Regular video conferences also keep your team feeling connected and lets them know they’re not alone, reducing the chance of them feeling stranded while working remotely.
Use Multi-Factor Authentication (MFA) for All Logins
Login credentials are often the target of phishing attacks. Phishing emails will send employees to fake login forms for platforms like Office 365, and once a hacker has those credentials, they exploit them.
Requiring an additional factor of authentication at login, such as a code that’s sent to a device, significantly decreases the risk of an account compromise even if a hacker has the username/password.
Have employees use MFA for all logins to company cloud applications, remote login software, and web-based accounts.
Automate the Patch and Update Process
Ensuring that devices have their software, operating system, and firmware updated regularly is critical to good cybersecurity. Without regular updates, systems are left vulnerable, and it’s how a majority of breaches happen.
You can automate the update/patch process for remote employees in a couple of ways:
- Use an endpoint device manager, like Microsoft Intune; or
- Use a managed IT services plan (bonuses include remote tech support and other security/maintenance protections)
Ensure Security “Basics” Are in Place
There are several security basics that everyone should be using to protect a device, whether they’re at the office or at home. You just can’t assume that an employee-owned device being used for work will have them.
You want to check that devices employees are using for working from home have the basics like:
- Good antivirus/anti-malware program
- Basic firewall protections (like those in Windows 10)
- Web protection (DNS filtering) that blocks malicious websites
Home Router Security
Using a VPN will help prevent a data breach due to a hacked router. However, it it’s also important to have employees do what they can to beef up their router security.
They’ll want to connect to their router and check for any firmware updates. These will often include important security patches.
Ensure the router has a strong password that uses a combination of letters, numbers, and special characters. It should also be at least 10 characters long.
For additional device security, they can set up a “guest” network on their router and only connect their work PC and devices to that network to keep them separated from other connected devices that might pose a higher breach risk.
Give Remote Employees the IT & Security Support They Need
With a managed IT services plan from Cris’s Tech Repair, your employees can have the vital tech support they need while working from home. Our plans also include multiple safeguards that reduce the risk of a security incident.
Contact us to sign up today at 561-985-4961 or through our website.