Top tips and tools for secure home working

With large swathes of the world’s workforce now working from home, or any other space that keeps them physically safe in these worrying times, we look at the ways you can also keep your remote workers cyber safe, with some top tips and tools to strengthen your cybersecurity.

As many of us settle into the new normal of working from home, it has become increasingly important for businesses to boost their cybersecurity, to prevent opportunistic cybercriminals taking advantage of the vulnerabilities widespread remote working can create. Indeed, with the sudden surge in home working, as a result of the coronavirus crisis, there has also been a significant rise in cybersecurity threats. For example, ransomware attacks on organisations have skyrocketed in recent months, with several high-profile attacks taking place, such as the one suffered by Garmin, in July. Similarly, Canon also reportedly had 10 terabytes of data stolen in this way, while Honda likewise experienced technical difficulties as a result of such a strike. Hardly a day goes by without the media reporting some new cyber threat or another. In fact, there could be said to be a cyber attack pandemic playing out in parallel to the coronavirus pandemic. So, what can you do to ensure you don’t fall foul of such scams and stay as safe as possible in these ultra-challenging times? Well, the answer is ‘Plenty’, so here are just a few tips to get you started and help ensure cyber nasties don’t breach your business IT barricades.

1. Good cyber hygiene

Perhaps the first thing to consider, is whether your cyber hygiene is up to scratch. In much the same way as we now stay safe by upping our personal hygiene game, with thorough handwashing, boosting your cyber hygiene can help to keep you safe online. This involves adopting rigorous, proactive practices and procedures to protect against threats which can easily be thwarted before they take hold. These could include the following:

• Adopt a strict password protocol – Make sure that only complex, unique passwords are used, and these are regularly updated. Ideally, these should contain a combination of at least 12 letters, numbers, symbols, upper-case and lower-case letters, for maximum security.
• Ensure all data is backed up – This may sound a simple step, but it is often overlooked. Ensure that all data is backed up to a secondary source, such as cloud storage, so that no information is lost in the event of a security breach. See Prodec’s Back up as a Service (BaaS)
• Limit access – Only give employees login details for the systems they really need access to, and limit admin-level access to those who must have it. This can help to avoid any employee-related security issues which could arise.
• Keep all software updated – Regularly review and update all software, as this can help to ensure that you have the latest protection against any security threats.
• Supply company devices – Avoid allowing employees to use their own devices, as you will have little control over the information stored on such hardware, and how secure it is, which poses a risk to the protection of confidential information and could become a major issue if workers are fired.

In fact, you could also consider creating a common cyber hygiene policy, which details best practices for all your remote workers to follow.

2. Cybersecurity training

With remote working becoming the norm, your workers may be even more susceptible to some cyber threats than usual. Social engineering attacks, such as email phishing scams, rely on tricking people into performing actions which provide access to confidential information, and remote workers may be more off guard than if they were in an office setting, surrounded by co-workers to consult with. Furthermore, the number of such social engineering attacks has shot up in the current crisis, with many preying on coronavirus-related fears. Indeed, the combination of more remote workers and many more cyber threats, has been described as ‘the perfect storm’ for cybersecurity. This is therefore the ideal time to provide employees with cybersecurity training to make them more ‘click-clever’ and aware of the risks. In fact, with the right training, rather than being the weakest link in your cybersecurity war, your workers can become the first line of defence against the latest cyber attacks. In addition, sending out regular simulated phishing tests can help to maintain awareness and keep such attacks at bay.

3. Secure connectivity

Providing employees with secure connectivity to your business network while working remotely is also vital, to minimise cyber threats. This can be achieved via a virtual private network (VPN), which has increasingly become a must-have for organisations with rapidly rising numbers of remote workers. A VPN is a network that extends across public wires to connect many users to one shared, secured network. It will encrypt communications, allowing confidential company information to be sent from one device to another without any possible intruders intercepting it in between. VPN technology is widely used in corporate environments to deliver frictionless, secure access to the enterprise network using any device, at any time, in any location, while protecting the organisation. An alternative option, especially suited to securing people working from home on a more frequent or long-term basis, is Prodec’s CloudShield – a straightforward device that plugs into the home router. This supplies seamless, secure remote access to business-critical resources without the need to configure VPNs, and provides a reliable overlay through which your corporate resources can be delivered. Click here to learn more about CloudShield.

4. Next-generation firewalls

Next-generation firewall (NGFW) platforms are now commonly considered the cornerstone of an effective network security strategy. NGFWs go one step further than your traditional firewall, to protect you from the plethora of next-generation cyber threats that are now bombarding business. These integrated hardware and software solutions help to defend against threats by combining automated processes and machine learning, which makes them capable of defending against the known and, perhaps more importantly, the unknown. In fact, they can block malware from entering a network and protect devices and businesses from a much wider range of invasions than traditional firewalls. In this way, you can maximise your security and prevent cyber threats from penetrating your business defences. Prodec offers a wide range of NGFW technology solutions, delivered either as a physical device or virtualised, as a service.

5. Cloud security

As the number of users, data, and services located outside your organisation's traditional network increases, you may need an architecture that delivers network security from the cloud. Cloud computing, which is the delivery of information technology services over the Internet, has become a must for businesses seeking to accelerate innovation and collaboration. As with the security system of any computing environment, cloud security involves maintaining adequate preventative protection against unauthorised access, to keep your data and applications in the cloud secure from current and emerging cybersecurity threats. While cloud providers, such as Amazon Web Services (AWS) and Microsoft Azure, offer many cloud-native security features and services, supplementary third-party solutions are essential to achieve enterprise-grade cloud workload protection from breaches, data leaks and targeted attacks in the cloud environment. Prodec Networks’ cloud security products and solutions are powered by world-leading security technology manufacturers, such as Fortinet, Palo Alto Networks and Cisco. These solutions have been carefully engineered to provide the necessary visibility and control across multi-cloud infrastructures and enable secure applications and connectivity from the data centre to the cloud.

6. Malware protection

With new and more malevolent malware constantly being developed, it is crucial for you to stay on your toes and never become complacent about potential cyber threats. You can think that you have been clever and covered all the cybersecurity bases, only to be caught out by the latest scam. A whole collection of threats, such as viruses, worms, trojan horses and spyware, lurk in cyber space ready to throw your system into chaos given half a chance. So, with this new era of remote working, it is a good time to take stock and perhaps have an IT security review, which can identify specific areas that are especially vulnerable and at risk from attack. Your defences can then be tightened where needed, by IT security experts. Through its partnerships with some of the world’s leading manufacturers of security technology, Prodec can offer comprehensive, up-to-the-minute malware protection, that features advanced sandboxing, blocking, real-time malware detection, and continuous threat analysis that even protects against previously unknown and unanticipated cyber threats, referred to as ‘zero-day’ malware.

If this is beginning to sound like a battle, you’d be right, as cybersecurity really is a war of attrition, but by putting in place some of these tools, you can increase your chances of victory and keep your home workers as safe as you can.

Enterprises of every size and type, across the UK, rely on Prodec’s cybersecurity expertise to keep them secure at every edge, from network to cloud. Prodec works with only the very best providers of security technology to ensure its customers can rest assured that their network, data, apps and users are as safe as possible from a plethora of increasingly sophisticated cyberattacks.

If you have any concerns with your IT security posture, do not take the risk, contact Prodec today to discover how we can help deliver the protection your business needs.