I.T. Matters, Inc. CEO Shares IT Infrastructure Expertise On The Wolfe Den Show
Ha Tran, I.T. Matters’ President, and CEO, recently appeared on The Wolfe Den Show to discuss how a well-maintained IT infrastructure will keep remote workers secure.
Key points in this article:
- Is your company’s IT infrastructure configured for secure remote work?
- Personal devices can severely endanger your company’s data
- Securing remote workers and their personal devices is a matter of following our best practices
Check out the full video:
The Inherent Risk Of Remote Work
The remote work model offers a number of benefits that you’ve likely taken notice of over the course of the past few years. Remote workers have seen the benefits as well:
- 77% of remote employees say they’re more productive when working from home
- 76% of employees prefer to avoid their office completely when they need to concentrate on a project
- 98% of remote workers want to continue to work remotely (at least some of the time) for the rest of their careers
However, for all the ways remote work is beneficial to both the organization and end-users, it’s not without its challenges.
You’re reading this article, which means you’re worried about remote cybersecurity to some extent—and you should be. 36% of organizations have dealt with a security incident due to an unsecured remote worker.
According to Morphisec’s Work-from-Home Employee Cybersecurity Threat Index, 20% of workers said their IT team had not provided any tips as they shifted to working from home. Is that the case for your remote workers?
Cybersecurity Considerations For Remote Work
When the pandemic hit, it hit fast. Despite what, in retrospect, may have seemed like a gradual build-up, it was virtually over the course of a single weekend in March that businesses across the US had to pivot to a remote work model.
Obviously, the first priority was maintaining business continuity. You needed to make sure your new remote workers had the technology and the remote access necessary to do their work.
But the process doesn’t end there—security is a complicated undertaking for remote work models and needs ongoing attention. Continuing with a remote work model, whether entirely or in part, will require enhancing security measures.
What To Consider Before You Approve Personal Devices…
“With the prospect of remote work comes questions that we have to answer for our clients to make sure they’re protected,” says Ha.
One of the most critical considerations with remote work is whether or not your staff will be allowed to use personal devices. Mobile devices have made it easier and easier to get work done while on the go, with laptops, tablets, and smartphones providing a simple way to share and review documents, stay in touch, and more.
However, as convenient as mobile devices are, they aren’t guaranteed to be secure, especially when dealing with private company data. Unsecured coffee shop Wi-Fi networks could put business data at risk. If the user’s children share access to the device in question, they could accidentally delete important business data.
The fact is that, if you allow the use of personal devices for business processes, you need to take additional steps to ensure they are secured…
How To Protect Company Data On Personal Devices
“As a company, you have to decide how much security you are risking when you introduce personal devices into your network,” says Ha.
Mitigating the potential risks of personal devices and remote work is a matter of implementing and managing the right best practices:
Company Data Policy
Make sure to denote where data can be stored. If your company uses Microsoft 365, then you shouldn’t allow your users to store their work on personal DropBox or Google Drive accounts.
Furthermore, make sure to dictate whether users can save business data locally on their devices. If a malicious employee were to keep offline synced copies of valuable business data on their device, it could put your company at risk.
Application Whitelisting
Remote administrative actions should only take place via secure channels, and ideally, on a separate administrative network.
Managed Antivirus
In order to fight rapidly evolving and diverse cybersecurity threats, you need enterprise next-generation endpoint protection that leverages the power of advanced AI engines, automated endpoint protection, and rollback capabilities to keep your business safe.
Known as “next-generation cybersecurity”, this advanced type of cybersecurity software uses artificial intelligence to better predict, identify and eliminate harmful malware. In a remote setting, a fully managed antivirus solution is ideal as it provides some degree of oversight.
In the event that the user receives a pop-up about a potential threat and chooses to ignore it, the team managing the antivirus solution can address the alert themselves.
Patch Management
Despite how advanced modern software is, it is still designed by humans, and the fact is that humans still make mistakes. That’s why much of the software you rely on to get work done every day could have flaws—or “exploits”—that leave you vulnerable to security breaches.
Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users.
That’s why you need a team looking after your patches and updates on your behalf, taking the onus off the user.
Multi-Factor Authentication
Multi-factor authentication is a great way to add an extra layer of protection to the existing system and account logins.
By requiring a second piece of information like a randomly-generated numerical code sent by text message, you’re able to make sure that the person using the login credentials is actually who they say they are.
However, this isn’t just for websites and common user accounts—MFA should also be enabled for VPN and Remote Desktops.
Conditional Access
Conditional Access software gives you the ability to enforce controls on the access to apps in your environment, all based on specific conditions and managed from a central location. It’s an extra layer of security that makes sure only the right people, under the right conditions, have access to firm data.
Data Loss Prevention (DLP)
A DLP policy tracks sensitive data and where it’s stored determines who has the authorization to access it and prevents the accidental sharing of sensitive information.
Hard Drive Encryption
Encryption technology is a great way to protect important data. By making data unreadable to anyone who isn’t supposed to have access to it, you can secure files stored on your systems, servers, and mobile devices, as well as files sent via email or through file-sharing services.
This is especially important for remote devices, and employee-owned devices. Laptops and home-based hardware need to be properly encrypted.
Need Expert Assistance With Secure Remote Infrastructure?
In the remote setting, technology is necessary so that you and your staff can:
- Access files, applications, and systems from a remote setting
- Collaborate with colleagues, partners, and customers via video conferencing solutions
- Stay secure against the increased rate of phishing attacks related to the pandemic
- Maintain communications with cloud-based phone systems that keep staff connected
I.T. Matters, Inc. can help—over the course of the pandemic, we’ve gained extensive experience in helping our clients to launch, optimize, and secure remote work capabilities.
Now that the mad rush to go remote is over, it’s time to perfect your processes. You don’t have to do so alone. Get in touch with the I.T. Matters team to get started.
Would you like to reduce frustrations with technology and boost operational efficiency within your business? The I.T. Matters team partners with companies of various sizes to help you create a secure, scalable, and flexible technology infrastructure.
Exceptional customer service is at the foundation of everything we do – ensuring that IT projects fully align with your business goals. Our friendly and knowledgeable team continually reviews industry trends and government regulations to help reduce risk and create a more productive IT environment for your business. Whether you are looking for full-service, outsourced IT infrastructure support, or simply need help with an upcoming technology project, contact us to help!