How To Secure Your Business When Remote Working • Blisstech Solutions

The global COVID-19 crisis means that more people are remote working than ever before.  Businesses rushed to enable their employees to work from anywhere very quickly, which may include access to sensitive company data.  In the rush to stay operational during the crisis, it can be easy to overlook security in favour of convenience.  However, remote working can be done securely, and here are some key pointers to help you.

Secure Windows Remote Desktop

A quick way of enabling remote working is to enable Windows Remote Desktop (RDP) and open port 3389 on the firewall.  BAD IDEA!  RDP has had a lot of security vulnerabilities associated with it and should not be exposed directly to the internet.  Use Remote Desktop Gateway or a VPN to protect the systems you want to provide access to while remote working.

Deploy a VPN

A VPN enables employees to make a secure connection into your internal network from anywhere.

The connection is encrypted between the remote computer and network so it can safely be used without fear of snooping.  For the employee,  it can appear to them as if they were connected directly to the internal business network.  You should consider adding multi-factor authentication to ensure that, if a user’s password is compromised, the connection is still protected.

Use Cloud-Based Systems

Using Software as a Service (SaaS) such as Microsoft 365, or other cloud-based systems, gives your business a huge amount of flexibility, and allows your employees to work anywhere.  SaaS solutions are based on centralised systems in the cloud, and because of this they also can offer better security when they are configured correctly, especially when combined with multi-factor authentication.  As company data and systems are available securely in the cloud, there is no need for users to take external copies of data or use shadow IT so they can work remotely.  All of this means you have control of where your data is and who can access it, so it is far less likely to be compromised.

Enable Multi-Factor Authentication

Multi-Factor Authentication (MFA, but also known as 2FA) adds an additional ‘factor’ to the login, in addition to the password.  This ‘factor’ is usually something that you have like a mobile phone, email address, or security token that provides and an extra code needed to log in.  You may be familiar with using this as it has become very popular recently, being used by banks, the UK Government website and many more.  You should consider adding MFA to any critical system exposed to the internet.   This includes, but is not limited to, VPN, email, CRM, accounting system and any other cloud-based system used to run your business.

Centrally Enforce Security Policies

Remote working can be bad for IT security.  When your users are not protected by your companies internal systems like firewalls, and are in the relaxed environment of their home they drop their guard.  Problems like using business issued systems for personal and family use can expose your business to additional threats.  You can use solutions from Sophos and Microsoft to centrally enforce your security policies to prevent this.

Update Your Systems

Having endpoint software up to date is key to ensuring that they are protected from known vulnerabilities and malware.  Having a strategy and systems in place to check and enforce anti-virus, Windows and other software updates means you know that your users’ endpoints are up-to-date and protected as much as possible.

Educate Your Users

A good remote working setup

Threats from phishing and other scams are at an all-time high, with hackers trying to take advantage of people’s fears about the coronavirus.  Employees need to be educated now more than ever.  Protection for the human layer comes down to training and education. Following the training, you need to keep users on their toes and there are services available that can automate this.

Have Remote Working Policies In Place

Clearly articulate what behaviour is expected, and not expected, to your remote workers.  If a user does something that puts your business at risk, you can’t reprimand them if you didn’t communicate policy.  You may also be able to enforce some of this policy (updates, web browsing, etc) using technology, but even if you can’t enforce it, you should explain what is, and what is not, allowed.

We can help

If you need any assistance with remote working more securely, or remote working full stop, please contact us on 01299 382 321 or get in touch through the website.

More Content

When did you last have a health check?

Book now for an IT check-up, to get in great shape for the journey ahead? You do it for yourself and your car – now do the same for your workplace tech

Tech Tip: How to use Copilot AI to Create Presentions

Welcome to a new Tuesday tech tip video. In it, I'll show you how to leverage the power of Microsoft 365 Copilot AI and PowerPoint to streamline your presentation creation process. Whether you're a seasoned professional or new to creating presentations, this video...

IT Managed Services for HR and Recruitment

Technology has significantly impacted businesses involved with human resources, changing how HR and recruitment organisations and professionals operate. Technology has automated many administrative tasks, has made it easier for HR and recruitment professionals to...
A man talking to his colleagues in an online meeting similar to Microsoft Teams

How to use MS Teams to replace your file server

You all know MS Teams as a video conferencing tool, but do you know about all of its other cool features? One such feature enables businesses to replace file servers, allowing users to work from anywhere and collaborate on documents in real-time.  This video shows you...

8 tech trends you need to prepare for in 2023

The end of the year is a time when many business owners take time to reflect and plan for the coming year. For many that will involve thinking about forecasting and growth over the next 12 months, but we want you to think about the tech trends in 2023 that will affect...
A woman looking at her phone while working from home

Homeworking is bad for IT security

A new homeworking security report from CyberArk has surveyed 3000 remote office workers and IT professionals. It finds that increased homeworking, resulting from the 2020 pandemic, could be bad news for a company’s IT security posture. It has uncovered several...

LinkedIn takes action to tackle fake accounts

LinkedIn is introducing new verification features over the coming months to help tackle fake accounts. The business-focused social platform is a fantastic place to connect with like-minded businesspeople, and to find new employees, jobs and opportunities. But thanks to this popularity, we’re seeing an increase in fake profiles, created by scammers for more sinister purposes. Bot-like accounts have been cropping …
Read More

Is Your Business Ready for Coronavirus Lockdown?

With the COVID-19 coronavirus continuing to spread in the UK, and Italy and China placing lockdowns on their towns and cities, it seems likely that the UK will follow suit if the outbreak continues apace.  Experts have stated today that the spread of the virus in the...
How to cheat (the Blue Screen of) Death

The Blue Screen of Death and how to avoid it

The dreaded Blue Screen of Death makes you panic about what happened, how much work you’ve lost, and how long it’ll take to fix. But a lot of the time it’s avoidable… We’ll tell you how.

Laptop and stethoscope

How Much Should You Pay for IT Managed Service Costs in the UK?

If you are looking for managed IT services in the UK, you should understand there is no "one-size-fits-all" solution. There are many managed service providers out there and they offer a huge range of prices. This can be overwhelming when trying to choose between them!...
Share This
Contact
Love Lane
Cleobury Mortimer
Shropshire DY14 8PE

01299 382 321
[email protected]
Copyright © 2024 Blisstech Solution Ltd
Registered No: 08125391 VAT No : 307 5490 05