The COVID-19 pandemic has prompted enterprises around the world to get their employees to work from home to ensure business continuity during the various lockdowns that have been implemented, as well as to curb the spread of the virus. This unprecedented mass migration of workers from offices to their homes has resulted in IT security operations straining their resources to ensure minimal disruption.
Companies began adopting work from home policies for remote working employees. However, cybersecurity continues to be a big concern for them. Simply because remote workers are accessing confidential company data on networks and devices that do not belong to the organisation. While large enterprises are able to provide devices to remote working employees, most smaller businesses have employees using their personal devices to work from home.
According to a study by IDG, commissioned by Dell Technologies, while small and medium businesses prefer a hybrid cloud approach in their transformation, only 44% of organisations are encrypting sensitive data. This can be rather concerning especially with employees now accessing this data remotely.
At the same time, employees working from home are also using their personal or public network connections to access company data. These networks may not be as secure as compared to using an office network. Also, many of these networks are normally not protected and can act as an entry point for cybercriminals.
Cybercriminals themselves are now targeting employees working from home as they are aware that they are vulnerable and exposed. Reports have shown an increase in phishing scam attacks on employees working from home and how companies have had their data exposed or breached due to malware from emails opened on personal devices.
So what steps can businesses take to secure work from home employees?
First, businesses need to understand who has access to their data. Businesses need to ensure that only relevant employees working from home can have access to sensitive workloads and data. Visibility is vital so that any unauthorised access can be prevented. Small and medium enterprises need a strong access control policy defined for employees.
Next, businesses should consider multi-factor authentication. This adds a layer of redundancy, giving access only to the authorised employee. Also, businesses need to ensure personal devices have multi-factor authentication to keep hackers at bay.
Adequate endpoint security is the third step. Endpoint devices are normally the entry points for most cybercriminals, except for phishing emails. Personal devices used for work as well as the IoT devices at home can act as entry points for malware. Having endpoint security assures threats are detected and dealt with before they cause more problems.
Lastly, the network needs to be secured. IT teams do not have control over your home network. Employees can opt for a virtual private network (VPN) on your work device before connecting it to your home network. However, make sure to avoid free VPNs as they are not safe and usually compromise security, killing the purpose of using it in the first place.
For businesses, many are accelerating their transformation journey with a hybrid cloud adoption to ensure remote working employees have more secured access to data. The use of both private and public clouds enhances business agility and performance. The private cloud on premises will be used mostly for working on sensitive workloads while the public cloud can be used for workloads that can be accessed from anywhere, at any time.
Dell Technologies Services Remote Productivity Series helps organisations quickly enable and support a significantly expanded remote workforce. IT leaders can equip users with personalised technology, collaboration and communication with options for secure, uninterrupted remote access. Together with a consistent hybrid cloud approach, businesses will be provided with flexibility, agility and adaptability, essential to success in the digital economy.
For more information on how you can secure your work from home employees and utilising the hybrid cloud for this, click here.