Remote working: Keep data secure on private devices (BYOD)

Maintaining network security while employees work from home is a challenge. Work-from-anywhere is the new norm. COVID19 has drove us to embrace remote working and put the traditional in-office model on its head. But it has also created remote working cybersecurity risks.

Why are there data security risks while remote working?

• Cybersecurity came runner up during the first lockdown. In the rush to set-up remote workers, cybersecurity took a back seat, temporary fixes were found and existing security policies became outdated. Here are our 9 steps to improve cybersecurity while remote working.
  
  
• Employees connect to insecure, public Wifi connections in cafes and lifestyle gyms. Do you know where your employee are working? Does it matter?
  
  Whatever the reason; to improve productivity, ambiance, convenience or to get away from home distractions, it comes with its cyber risks. Laptops need firewall software to maintain effective cybersecurity protection.
  
  
• Cyber criminals take advantage of your fears and worries just as much as your security and network weaknesses. Coronavirus related phishing email, call and text message scams have dominated this year. Employees can easily fall victim and put your business’ data at risk.
  
  Scams can look legitimate, particularly when they impersonate:
  – Your HR department: requesting ‘Remote working Access’
  – Click and Trace: free or fast track coronavirus testing
  – HMRC: work-from-home tax rebate
  – Zoom, Microsoft Teams, Google meet: requesting login details
  
  
• There are huge security vulnerabilities when an employee uses their own private device or ‘Bring Your Own Device’ (BYOD). Luckily they can be easily managed, which will cover below…

What if an employee uses their own device or laptop?  

This is a critical factor when keeping data secure. Bring Your Own Device (BYOD) is not a new issue, but is more relevant than ever. An employee using their own computer equipment is unlikely to have the right security controls in place.

I advice businesses to issue devices if possible, as they are much easier to manage and secure. You will also avoid legal and regulatory headaches, however, this is not always possible.

How do I keep company data secure if an employee uses their own device or laptop?

The secret is to find the long term solution. Do not be tempted put in short-term or interim fixes, as they often become the long term arrangement. The long term arrangement becomes an ongoing cybersecurity risk.

Mobile Device Management (MDM) tools allow IT administrators to monitor, manage and enforce security policies onto personal devices. They work by ensuring privately-owned devices meet certain security guidelines. For example, you may need the latest software update to gain access or to connect to company resources/data. MDM tools can also remove company data from the personal device should the employee leave the business.  

Controlling remote workforces’ access to business data 

Virtual desktop technology can facilitate and control access to data in applications such as CRM, Sage or MS Office. A virtual desktop provides seamless access to applications without any data actually being stored or transferred onto the user’s device. This is how it provides significantly high protection. 

What private devices or ‘Bring Your Own Device’ (BYOD) can be secured using Mobile Device Management (MDM) and virtual desktops?

Windows PCs, Macs, laptops, iPhones, iPads, and Android mobile and tablet devices. 

People are the weakest link in remote working cybersecurity

Mobile Device Management (MDM) and virtual desktops will provide the technology to keep data secure to a degree. However, people are usually the weakest link when it comes to data security. 

Companies must be clear about an employees role. What are their individual responsibilities? Send them a copy of your security policy and remind them of their duties.

Educate staff using online user awareness training and assessment tools. Do this on an ongoing basis. This is cost effective, easy to monitor and easiest to implement while employees work from home.

What if I have a small business or have a limited budget?

Mobile Device Management (MDM), virtual desktops and online user awareness training are practical and affordable to business of all sizes. Cloud delivery allows them to access the technology without a large up-front investment, preserving vital cash reserves during the pandemic. 

What next?

If you’re looking to make your business cyber safe, remember to lean on an expert and ask lots of questions. Book some time with me if you have any questions about remote working cybersecurity.

See our learning centre for more information and top tips about keeping your business cyber safe.