When lockdown 1.0 happened, the regulators cut businesses a lot of slack with regards to their data security. Arguably, they didn’t have much choice. Now, however, they do. This means that businesses need to ensure that they are implementing remote working in a secure manner. Here are some tips to help.
Make sure your general cybersecurity is up to standard
All businesses should have 100% oversight of all the personal data they hold. That means what they hold, where and why along with who has access to it and why and at what point it expires. They should have 100% oversight of all sensitive data (even if it’s not covered by GDPR). Ideally, they’ll have 100% oversight of all data regardless of whether it’s sensitive.
All personal data should be kept encrypted at all times. It’s advisable to encrypt all sensitive data. All-important data should be backed up in two different locations. Companies do not have to backup data from a cloud to an offline source. They do, however, need to back up data from one cloud into a different one. No company should ever rely on just one backup in one cloud.
For completeness, if data is kept encrypted in production, it also needs to be kept encrypted in your backup. This ensures that your data is kept safe from theft even if your backup system is compromised. None of this is specific to remote work, but it is clear from recent statistics that many companies are still failing here.
Maintain remote devices effectively
At the start of the pandemic, some employees were forced to use their personal computers because their companies were not able to provide them with laptops to use at home. Hopefully, this has now been sorted. If not, then you need to make it a priority to do so. Remember, you don’t necessarily have to buy new hardware, it’s often possible to lease it.
If you lease hardware, you may be able to get a maintenance contract to apply operating system updates and possibly updates to core software. If not, you need to arrange for updates to be applied in some other way. This could be your own IT team, or a managed IT services vendor. Managed IT services could also be a handy way for you to manage network security.
If you’re working wholly in the cloud, you might want to consider using Chromebooks. If you’re working mostly in the cloud but also need offline capabilities, then you may want to look at Macs. Neither of these operating systems is hacker-proof but the way they are structured can make them more challenging to hackers.
Train your remote workers on basic cybersecurity precautions
There are three key security precautions all remote workers must follow.
- Make sure that their workplace has the screen facing in towards the room rather than visible from a window.
- Make sure that they back up all data to a central location rather than to a personal drive.
- Make sure that they switch their computer off at night.
Luke Watts is the director of RoundWorks IT, which are specialists in managed IT support, cyber security, IT security and more for businesses across East Midlands.