Smart IT support, made simple.
search

How to maintain security when employees work remotely

Posted by: Tamal Saha
Posted on: 05/08/2021

Knowing how to maintain security when employees work remotely is fast becoming a concern for many businesses as more and more adapt to remote working.

 

At OfficeTechHub we have years of experience in IT and data security. This blog will explore how security can be maintained by remote workers. We’ll cover the most common security risks when working remotely as well as tips and recommendations for using cloud-based systems, Microsoft Azure and disaster backup.

 

We’ve helped hundreds of businesses successfully set up their company networks to ensure they maintain security when employees are working remotely. Whether that’s from personal devices or employer devices, using public wi-fi, or a home network. Here are some of the FAQs around IT security and remote working.

 

What are the most common IT-related security risks when working remotely?

 

This largely depends on how employees are working from home, how they access their data and how systems are built and configured. To start with – there’s one myth to bust immediately – just having anti-virus/anti-spyware installed is not enough. These are four of the most common security risks…

 

Security risk 1 – passwords

 

No surprises here! When you think of “potential security threat” in relation to IT, passwords are often the first potential security risk to come to mind.

 

We’ve moved on from just having a pin number for our bank card. These days there are passwords and pins for everything… our phones, laptops, tablets, computers and TVs – plus every single application or programme installed on them.

 

We get it – it’s tempting to keep things simple, to make access easy, to use the same password for everything, to “keep me logged in” and to swerve the multi-factor authentication option. But this leaves you open to a whole host of security risks.

 

If you don’t have a password, if it’s weak or if it’s easy to guess then you are at risk of being hacked. And without meaning to scare you, (our aim is to educate and support you – so that, actually, you don’t need us very often), once your password has been hacked, there’s a chance it will end up on one of many master lists of previously hacked passwords where it will be used for attempted phishing attacks or to gain access to your data and personal information.

 

 

 

And guess what – it’s not only those with malicious intent and tech-savvy who may pose a security risk. When you give your device to your children for access to YouTube, games or apps then there’s a chance they could unwittingly gain access to your remote desktop or your customer data. Yes, the risk is low, but imagine blaming a breach in network security on Peppa Pig – it’s not going to go down well.

 

So, whether it’s for working remotely or accessing Netflix – make it a strong password.

 

Don’t compromise security unnecessarily. If you need help in remembering your important passwords, then consider a password manager program. And opt for two-factor authentication wherever you can.

 

Security risk 2 – software updates

 

No, the updates themselves aren’t the risk… It’s not updating them that can put you at risk!

 

Those notifications that pop up to alert you there’s an update available for your software aren’t just to make whatever programme application you’re using “work better”.

 

They often include “security patches” which will fix weaknesses that have been identified as potential security threats or are open to malware infection.

 

This means it’s incredibly important for all programme updates to be installed on any employer-provided devices or personal devices that may be used for remote working. If PCs and devices aren’t patched or kept up-to-date and running on the latest versions, there’s a security risk for potential hacking, malware, spyware or possibly data loss as a result of any of these.

 

Security risk 3 – access

 

There are few aspects to remote access that we’ll cover here – use of a VPN, wi-fi and who has access to your device.

 

Remote Access via VPN (virtual private network)

 

Using a corporate VPN to remotely access your corporate network and data is generally recognised as the most secure way for employees within a remote workforce to access a corporate network.

 

Whilst VPNs are a great way to maintain security when employees work remotely there are a couple of potential security threats to bear in mind.

 

Imagine your VPN as a super-secure tunnel connecting your laptop on your desk which is connected at one end to your home networks or wi-fi and at the other end, your corporate network containing your company data, customer data and everything else incorporated within your IT system.

 

Nothing can breach this “tunnel” or access the information and data as it travels through the tunnel. However – it’s at each point of entry, at either end of the tunnel, where the risks lie.

 

Despite VPN being a secure way to transfer information, there’s a potential risk at the entry points connected to each network – whether that be from the home network or the company network. Anything connected to either network, personal device or employer-provided device (desktop pc, laptop, iPad, phone, or tablet) will have access to the VPN, so if there’s an existing issue on either network, then this can travel via the “tunnel” to the other end – subsequently “infecting” the core data.

 

So, although VPNs are secure as you can’t penetrate the tunnel, you can open up access and instantly allow things straight through which could be a problem.

 

Remote access via Wi-Fi

 

Wi-fi is another element of technology that has been designed to make life easier and more accessible. Yes, wi-fi is great and what we can do with it is incredible, but it’s also the easiest thing to hack on a network.

 

Couple this with the common factor that most people working from home tend to have older routers and technology at home that’s unlikely to be as up-to-date or as secure as they would be in an office, and you have another potential data breach.

 

If you’re working from a desktop or laptop in an office that’s connected to the internet via a cable, then the risk is reduced. So, although it might seem over precautious or take a little bit of extra effort – if you have the option to connect via a cable rather than via wi-fi, it would be a wise decision.

 

Using public Wi-Fi

 

If you’re connecting to public or unsecured wi-fi networks to access a website, whoever controls this has access to the data going through it. Information such as credit card details, personal or sensitive data goes through their network.

 

In theory, that means someone has access to that and can read the data, they can manipulate it, copy, record it. This is where access via a VPN provider can make the difference as it protects your data and stops any data breaches or potential security threat posed by the wi-fi network.

 

Who has access to your personal devices?

 

As we’re talking ‘access’ here, it’s worth a reminder to consider who has access to your devices – as mentioned above, it’s crucial to have strong passwords.

 

And that really handy “remember me” feature? It makes like easier, but it also makes remote work so much riskier. If your work laptop is left on your desk, used in a co-working space or habitually situated on your kitchen table at home where colleagues or family members can access it then you don’t want them to be able to easily access your remote desktop or company data.

 

(Note: We’re not suggesting here that your co-workers, kids or partner would intentionally wreak havoc on your customer data but accidents happen which can leave you open to external threats.)

 

Security risk 4 – file sharing

 

With file-sharing becoming common across multiple industries and a day-to-day activity for many, it’s another area to approach with caution.

 

Dropbox, Microsoft OneDrive, Google Drive, FileShare, and Box… plus many more – these are all great resources that help us to work more effectively and be more agile.

 

Antivirus solutions can prove effective in preventing data loss.

 

However, when you’re sharing your files, you need to consider…

 

  • How do you know every PC or device used to access them has anti-virus software?
  • What kind of anti-virus do they have?
  • Is your own anti-virus software running on the most recent update?

 

The risks depend on how systems are built and configured but file-sharing can potentially leave you open to security threats such as viruses, malware, spyware, worms or Trojans.

 

Obviously, when you’re filesharing for business purposes the risks are more calculated – if you’re working with a reputable organisation and they look after their IT systems, then all should be well but if you see anything slightly suspect, then approach with caution.

 

Tips for remote workers to stay secure

 

Here are some quick suggestions to help remote workers maintain security when working from home or away from the office:

  • Ensure your anti-virus and anti-spyware programmes are all up-to-date and ideally, these should be an all-in-one solution from the same provider.
  • Be security conscious when setting passwords – don’t use the same password multiple times or use personal or easy to guess passwords.
  • Use a cable to connect to the internet where you can.
  • Use a VPN connecting directly from your machine into a network but don’t save your password.
  •  Use dual authentication wherever, and whenever you can.

 

How can organisations ensure secure access to company data for remote employees?

 

Here are three ways to maximise and maintain security for remote workers.

  • Invest in your IT systems and support. With such a business-critical function, it makes sense to get support and guidance from the experts rather than trying to figure things out for yourself. With over 25 years of experience, we know what works and what doesn’t. We use our specialist knowledge to select the right systems, platforms and support packages for your business to keep your IT smart and simple.
  • Use the cloud. Cloud networks are the most secure option, much more so than a local network. This isn’t necessarily just about data security either – there are multiple risks to a local network (stored on laptop/computer/server) including fire, breakdowns, flood or break-ins and those are risks even before anyone can get to the data. By moving to the cloud those additional risks are covered; if one piece of hardware fails it automatically goes on to another piece of hardware. It’s got redundancy and reliability built-in. Plus, the cloud has been built securely with remote working in mind so employees can access data and systems remotely.
  • Educate your team. Provide your employees with cybersecurity awareness training and a policy document to ensure they are aware of security policies and security risks – not only when working remotely but when in the office too. Also, ensure your employees have the right tech to allow them to do their job from wherever they need to. (If you need guidance on this, we’d be happy to help.)

 

Stay connected with smart and simple remote working solutions from OfficeTechHub

 

Now you know how to maintain security when employees work remotely, it’s time to put it into practice. Our remote solutions work for your business when you need them and include Microsoft Teams and a full Microsoft 365 suite to ensure business continuity remains stable at all times. Your workforce deserves the best tools to do their jobs.

 

Let’s work together and get your remote teams working productively and securely. Get in touch to see how OfficeTechHub can help your business work smarter.

Share this post

Related news