The safe modern workplace: ready for the future with a cybersecurity strategy
“You can safely assume that a home network is not safe,” says Mike Remmerswaal, Director Systems Engineer Northern Europe of cybersecurity provider – and our partner – Palo Alto Networks. That is a clear statement. Outdated software, weak access control and insufficient supervision: unfortunately these shortcomings regularly occur in practice.
This is a real problem, as more and more people are working from home. Apart from having many benefits, it also gives rise to a large number of security risks. Simple human error may, for example, cause a data leak that could expose privacy-sensitive data to the world. In order to avoid the resulting damage or loss of reputation, you need to keep monitoring cybersecurity closely. This turns out to be quite a headache for many IT managers of both small and large national and international companies.
But this does not necessarily need to be the case. As a security expert, we will be happy to tell you how you can prepare your company for a future in which people work from home safely.
What is safely working from home?
If you do not offer remote working facilities to your employees, they will use their own internet connections and/or laptops. These are fine for using Google, email or Netflix, but are not always as well protected as in your office, even though your employees do work with sensitive company data. even though your employees do work with sensitive company data.
Imagine that someone clicks a link in a phishing email that appears to come from their manager or the director and this is not being blocked due to inadequate security measures. They could be giving criminals access to information on their laptop or, even worse, the whole company network. The weakest link determines the level of security at your company. Your aim obviously is to make this as strong as possible to prevent your company from being shut down by people with bad intentions. This is why working from home safely starts by raising awareness among your people, supplemented by the right equipment.
Kortom: veilig thuiswerken is simpel gezegd het aanbieden en veilig maken van de faciliteiten die uw medewerkers nodig hebben om thuis hun werk te kunnen doen.
Why is working from home safely so important?
By the end of 2020, almost half of all employees were working from home, and 1 in 4 indicate that they intend to continue doing so structurally, either part-time or otherwise. This was revealed by the latest figures from the NEA-COVID-19 survey conducted by TNO. If the number of unsecured home offices grows, the risk of data leaks will naturally also increase. This is why working from home safely is a crucial topic in the IT strategy of any company that is seriously committed to the future.
What are the 5 key tips for working from home safely?
1. Work in a secure environment
If employees use the company network from home, you can secure the connection by encrypting it through a VPN. Do not forget to update firmware as well. If the router software includes a leak, the home network will no longer be safe enough. The use of USB sticks and hardcopy files with personal data is never a good idea.
2. Protect sensitive documents
Phishing is something we have all come across at some point. In short, it means that criminals digitally try to get key information from us, such as login codes. They often use emails for this. Criminals also try to abuse human nature, by posing as official government bodies. Phishing emails can also be used to infect the network with harmful viruses and malware by adding attachments or links that are opened by the recipient.
You should therefore teach your staff to be alert for suspicious emails. Always check who sent them and whether the questions in them are normal. Is someone suddenly asking for login codes, passwords or personal data? That should trigger alarm bells. Tell your staff that links or attachments with .exe or .bat files often contain malware.
3. Introduce a software policy
Make sure that people cannot install all kinds of software programs on their computers. Select a number of programs that are used by the whole company. This allows you to monitor the flow of information.
4. Policy for updates, patches and back-ups
Making regular back-ups, installing patches and updates on time and implementing other measures (virus scanners, firewalls) may reduce the risk of data leaks. You should therefore check whether your IT policy needs to be tightened and determine who is responsible for this.
5. Adopting a modern workplace
Setting up a modern workplace requires a different mindset from both people working from home and IT managers. Employees must learn to handle new tools and solutions. This requires training and guidance, but your people must also be convinced of the added value of this. Not everyone is willing to embrace changes to processes, systems and procedures just like that, even though the adoption rate is the most important factor for the success of digital transformations.
Working from home safely and the GDPR: how does this work?
The General Data Protection Regulation (GDPR) requires you to adequately secure personal data, also when working from home. Both employees and employers are responsible for this. That is why technical measures need to be implemented and clear work arrangements need to be made as described above. Other practical examples of ‘GDPR-proof’ measures when working from home are:
- Never leave laptops unattended.
- Always lock your laptop when you are not working on it, however briefly this may be.
- Provide a workspace where people cannot listen in (or use headphones instead).
- Do not leave documents lying about unnecessarily and destroy them adequately.
- Use a fully updated and supported operating system.
- Keep private and work equipment separate as much as possible.
- Delete any work documents from a private laptop after use to keep private and work-related matters separate as much as possible.
What tools do you need to be able to work from home safely?
Advanced endpoint security, network security and encryption are essential parts, but is important to consider the whole chain and to make sure that both internal and external users are not an issue. Identity management and correct authorisation processes also play a key role in the security of the organisation. A safe modern workplace should go hand in hand with smart security systems and continuous monitoring of potential risks.
Are you ready for the future? Our security experts can answer all of your questions. Please contact firstname.lastname@example.org or call +31 (0)88-4637700 for more information. We will be happy to provide you with advice tailored to your situation!