Three things your remote workforce must do to protect data
The rise of the remote workforce means that employees can literally work at any time, from any location and through any internet-connected device. This presents new challenges for organisations and an increased need for all employees and users to be vigilant when it comes to cybersecurity best practice. With employees no longer protected by the corporate firewall, and often working in public places and using unsecured Wi-Fi, there are three things they must do to protect the security of organisational data:
1. Avoid public Wi-Fi and use encryption
Working from anytime, anywhere offers an increased culture of flexibility for many workers. They can log on and work from wherever and whenever they need to, including cafes and shared workspaces. However, this also increases the risk of connecting to unsecured networks, which can present security risks.
It’s critical that users are effectively educated on the risks that are associated with using public and shared networks. Alerting users to the potential threats that the organisation can be exposed to when connecting organisational devices and sharing internal data via unsecured networks can help users to think twice before accessing these networks. It’s also essential to train employees on the benefits of encrypting files and networks. Encryption will help to better protect your internal systems when users access unstable and unsecured networks, providing a better level of protection for your data.
2. Be aware of who’s around when working in a public place
Protecting your network and data with digital defences is critical; however, it’s also important that users are educated on how they can physically protect company assets. Public and shared workspaces are convenient for flexible workers, though they also create risk by displaying corporate information on a screen that anyone can see.
Users must be cognisant of other people when working on laptops and other mobile devices in public spaces, including public transport. It’s important to ensure employees are aware of the risks of working in public spaces, including the potential for confidential business information to be seen by competitors or cybercriminals.
3. Only use company-sanctioned devices
While employees are far less protected by the company firewall when working remotely, the company can still provide an effective defence. One of the best ways to protect company information is to ensure that users only use company-sanctioned, secure devices to access corporate data.
Having access to organisational files and emails from personal devices is convenient for users. However, it’s critical that IT teams are aware of, and have some control over, all devices being used to access internal data. If organisations can’t provide devices to users, it’s critical that the IT team has a clear process to integrate personal devices with the corporate network and can provide relevant advice to users connecting and using their own devices for work.
It’s essential that all users take steps to protect corporate data and information while working remotely, even more so than working onsite as they are less protected by corporate firewalls and other security measures. However, it is possible that cybercriminals can still exploit vulnerabilities in the network and systems to access company data, despite the organisation’s best efforts.
Employees must also understand cybersecurity best practices including password protections, sharing devices and who to contact to report a suspected cyber-breach.
For more information on how to effectively integrate good cybersecurity hygiene into the life of a remote worker contact InfoTrust today.
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help