The NEW PARADIGM
Ever since COVID-19 changed our world forever there has been a paradigm shift in the way we work – for the better.
It has become clear that it is very much possible to work from home productively.
A quick internet connection, mobile phone, laptop and video conferencing tech is all you need.
Improvements in technology and the move to the cloud has meant the “Office Network” as we know it may cease to exist, at least in its current incantation.
The daily commute is now from the bedroom to the home office so we now have more time to work instead of travelling. This saves money, time and pollution.
Of course this move is not without its challenges. As we move from BYOD to Shadow IT to Working from Home, it becomes essential to secure your company data and devices.
See our tips for securely working from home.
Secure your Cloud Services
The vast majority of businesses use either Microsoft Office 365 or Google G-Suite as their Cloud providers. These services have security built in but not fully implemented.
It is important to take some time to enhance the security of these providers.
Both providers have settings to increase email security. Phishing, Malware, Ransomware – all of these nasties find their way in to your inbox. If you can minimise these types of emails you can prevent a major threat to your staff. Block emails with dangerous file types, put spam emails into Quarantine not Junk and monitor outbound spam for activity. These are just some examples of enhancing email security.
Third Party Email Security Providers
Although Microsoft and Google Email security is getting better they still use heuristics to determine spam. This is a somewhat outdated method for detection.
Consider investing in a Third Party provider like Proofpoint who use Machine Learning techniques to better prevent unwanted emails arriving in your inbox. These services sit between the internet and your email provider to keep you safe.
Multi Factor Authentication
Enforce Multi Factor Authentication for your users. All major cloud providers have Multi Factor Authentication built in so there is no excuse for not using it. In a recent RSA conference – Microsoft Engineers said that 99.9% of the compromised accounts they track every month don’t use multi-factor authentication. Read the article.
Data Classification and Data Loss Prevention
Both Microsoft and Google have Data Classification and Data Loss Prevention Services. It is vital to ensure sensitive company and personal information is secure. You can create Data Classification policies to define data sensitivity and then enforce security to ensure this data cannot be transmitted externally. This prevents accidental leakage of information.
Mobile Device Management
Both these providers have free built in Mobile Device Management solutions. Enrol user mobile devices. Enforce password policies, minimum software versions. If a user’s phone is stolen you can remotely wipe company data.
For those still connecting to your office network, ensure a strong VPN service – not PPTP as this is outdated, insecure tech. Try to use hardware VPN services that come with the company firewall rather than software services. IPSEC is recommended.
Secure your home Wireless Connection
Provide Security Protection
Ensure that all devices have up to date anti-virus, anti-malware, and enabled device firewalls at a minimum.
You can push this out automatically. Exxa uses Ninja RMM to automatically install Anti-virus and Anti-Malware, enable firewalls and enforce policies for our clients. All of this happens silently in the background.
Keep your Software up to date
Ensure software is up to date at the application and operating system level. This helps prevent against Zero day exploits. Ninja RMM has full Patch Management capabilities to always keep you safe and up to date. Alternatively, you can set your Windows and MacOS computers to automatically update the Operating System (but not your Applications).
Educate your Users
The biggest threat to the security of your organisation is your employees. It is your responsibility to ensure they are educated so that they don’t click on links that could endanger your organisation.
There are many great services you can use to educate your users on all aspects of security. These can cost a couple of dollars a month per user so well worth the expense.
Implementing security for your home workers can sometimes be tricky and time consuming, which is where we come in. At EXXA we can help secure your WFH workers so they can do what they do best. Get in touch.