Teleworking and IT security: 4 key reflexes
The health crisis has had the effect of intensifying teleworking in many companies. But this situation has also resulted in a major increase in IT insecurity. To guard against this, it is essential to adopt a number of key reflexes, giving you peace of mind in your teleworking activities.
1. Raise awareness of risks among employees
First of all, it is essential to continuously increase employee awareness of the most widespread risks, including:
Phishing, which involves sending a message to a web user in order to steal their personal information. This has grown rapidly in tandem with teleworking, the aim being to access your work inbox as a way of entering the IS.
Data theft is an attack which involves accessing your network or cloud, either to demand a ransom, resell information, or disclose it. This can be achieved by simply compromising an employee’s computer or hacking into the company’s system.
With ransomware, hackers can exploit a security flaw in your IS or trick teleworkers into downloading a malicious attachment. The aim is to install ransom software on your network in order to encrypt or block access to information, and then demand a sum of money.
Fraudulent requests also exist, where the identity of a manager or trusted person is stolen in order to request a fraudulent bank transfer.
2. Adopt “security” reflexes
For stronger security, it is recommended that teleworkers do not use their own equipment for professional purposes. They should be provided with company tools, approved by your department. Next, remote access to company resources must be limited. Everyone must be individually identified so that the source of any attack can be traced. It is also preferable to partition access, in order to reduce the risk of spreading. You should also ask teleworking employees to log into the company via a VPN, or virtual private network, in order to encrypt all remote connections.
3. Update security solutions
While it is recommended that you install professional antivirus software (different solutions can be used for network infrastructure and workstations), it is especially vital to ensure that it is regularly updated on all connected devices. It is equally important to strengthen the data backup policy, regularly checking its smooth functioning, and ensuring that this is carried out outside the company’s network. Finally, cloud solutions can also pose a risk. Ensure that your supplier can guarantee a sufficient level of protection.While it is recommended that you install professional antivirus software (different solutions can be used for network infrastructure and workstations), it is especially vital to ensure that it is regularly updated on all connected devices. It is equally important to strengthen the data backup policy, regularly checking its smooth functioning, and ensuring that this is carried out outside the company’s network. Finally, cloud solutions can also pose a risk. Ensure that your supplier can guarantee a sufficient level of protection.
4. Mobiliser ses ressources4. Mobilise your resources
Finally, it is important to mobilise all your resources around compliance with security rules. Be sure to allocate time to someone in your department to supervise activity remotely, in order to quickly identify any “abnormal” behaviour.
In addition, training and awareness-raising sessions for teleworkers are necessary, so that the right behaviours can be adopted. Finally, management must be aware of best practices, in order to convey these essential messages within the company. An internal process must be adopted to react quickly and effectively in the event of an attack (business continuity plan, procedures, etc.).
Teleworking and its widespread development therefore pose major challenges for the IT department. Digital security must therefore be strengthened to ensure the effective and smooth development of teleworking. To help you, our latest ebook is available to download. Containing lots of examples and practical cases, it will offer you a clearer understanding and allow you to fully seize the opportunities offered by these new teleworking challenges.