The importance of securing business-critical IT infrastructure and educating employees on the perils of logging on to unsecure Wi-Fi networks for corporate purposes is certainly nothing new. Headlines will tell us that hackers can find ways to easily breach public Wi-Fi networks and that workers using unsecured networks to access corporate assets can lead to damaging data breaches. But the issue of secured connectivity has been thrown into a fresh spotlight as millions of people continue to work from home under the current lockdown.
Many businesses who have rarely or never had a working from home policy have suddenly found themselves tasked with creating a fast, seamless and secure home-working environment for their employees. But how can this be done so as not to impact productivity and with a remote and dispersed IT team?
- Take steps to simplify IT security: IT teams should consider deploying a corporate-owned router to the home and putting all business traffic on a VPN architecture to the data centre. This enables lock-down of access and all traffic can be funnelled through security services in the data centre, even if its destine for the internet. This will maintain consistency with existing in-office policies while staff continue to work from home
- Content filtering is a must: Organisations dealing with sensitive information must consider content filtering as a priority. This limits which websites can be accessed by employees and can significantly help prevent malware or viruses from being installed on any company assets
- The time for even greater transparency: Now more than ever, employers should be educating their employees on how to protect themselves online. Staff need to be reminded of the common pitfalls to watch out for, such as phishing emails which can lead to data breaches and ransomware attacks. It never hurts to refresh on crucial cyber hygiene basics
- Deploy parallel wireless WAN: Organisations can use 4G LTE to create a fast and reliable create parallel networks to be used only for business devices and traffic. This physical separation prohibits attackers from using a compromised device to pivot to servers and networks that hold sensitive data
- Always focus on detection and response – not just prevention: Because no security software solution can successfully prevent every attack, rapid detection and effective response are essential layers of network security, especially with a distributed workforce
- Consider implementing Two Factor Authentication: Risk of breaches are greatly reduced when a company’s staff login process requires a verification code along with the username and password
Many businesses across the UK will be working from home for the foreseeable future. Taking the time to ensure that these steps are followed and maintained, will greatly reduce the risk of damaging and costly data breaches later down the line. Moreover, with a strong and easily understandable security policy in place, staff can be compliant whilst not sacrificing on speed, productivity and quality of work. With hackers looking to exploit the COVID-19 situation, robust network security is absolutely essential to avoid trading in one virus for another.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.