In Association with:
There’s no doubt that that COVID-19 crisis has changed the way we all work. And there’s no doubt that in the rush to get everyone working from home some companies took shortcuts with their cyber security.
Research from HP found 77 per cent of IT managers believe that staff working from home are more vulnerable to cyber-attack. But with modern tools there’s no reason why your staff can’t be just as secure whether working from home or in the office.
There are some basic rules to follow, and before you start spending money have a good look at what you already have, but are not fully utilising.
The truth is that most home workers have the same vulnerabilities as workers in an office. Email, and especially email attachments, remain the number one threat.
The attackers may have got more sophisticated – using targeted ‘spear phishing’ rather than mass emails but the end result is the same. They might be using COVID-19 subject lines, but a dodgy email is still a dodgy email.
Microsoft 365 comes with malware and ransomware protection, with phishing protection if you opt for the Business Premium version. Most email clients have at least some limited protection too.
On the software side Windows 10 Pro also comes with a variety of security tools baked in. And Windows Autopilot gives administrators great tools to get machines pre-configured and secure for the corporate network. It offers cloud-based device management, simple remote reset, and fast device repair for your Windows devices. The lesson here is don’t ignore security you already have.
For instance, HP business machines are built with hardware-enforced security features and a full stack of protective layers. Sure Sense uses deep learning to spot malicious files and ransomware attacks. Sure Click is a free download for HP and non-HP machines and provides a way to isolate key applications and protects them from the impact of malware.
HP Proactive Security means even the smallest business can enjoy the same protection as a big corporate player. Part of HP’s Device as a Service, it can offer excellent endpoint security without putting more pressure on the IT department.
This is a key point – life is immeasurably harder for IT security teams who are now protecting machines they did not order, have not set up and cannot physically visit. While technology can help, don’t forget that your staff are still your first line of defence – getting them working safely is vital to company security.
That means following the same rules which apply at the office, either using a company-issued laptop or PC or making sure personal devices have the right security in place. Even if you’re working in your kitchen you still need to use proper passwords for your machine and for company services and virtual private networks you log in to.
Staff might feel safer at home, but they should still not be storing any company data on their machines unless absolutely necessary – keep it on a properly-protected cloud service.
And if they really have to store sensitive information on their machines then it should be fully encrypted and protected by a separate password.
For many organisations COVID-19 has just accelerated change which was already underway. Home and remote working was increasingly normal and not just for the CEO.And so was the realisation that IT security is no longer just about defending the perimeter.
Modern cyber security is intelligent and actively monitors systems and users for behaviour which is ‘out of the ordinary’. This, allied to a good identity management system, is the best protection for any company, wherever its staff are working from.
To find out more about remote working, read the free report here:
This article is from the CBROnline archive: some formatting and images may not be present.
Matthew Gooding is news editor for Tech Monitor.