What happens when remote work becomes permanent?
As someone responsible for IT security, March 15 brought about a huge change in my department. With the pandemic closing offices and forcing people to stay home, I suddenly had to think about what it means to implement IT security for thousands of remote workers, instead of a handful of office spaces. And as uncertainty about the virus mounts, businesses across the globe are settling in for a long period of remote work, with some closing offices permanently for an entirely remote workforce.
At this point, many businesses have already implemented a short-term remote work strategy to support their employees. But as remote work becomes permanent, many of these strategies may need to change. Below, I’ve outlined some considerations for a permanent virtual workforce.
1. Create New IT Cybersecurity Policies
With more remote employees, it’s important to update your company’s cybersecurity policy to be relevant to the current workforce. Make sure that the policies reflect issues that employees will encounter when working from home, such as unsecured internet.
Most people don’t understand the implications of poor cybersecurity practices. That’s why it will be important to engage them in cybersecurity education. Instead of assuming they’ll read forms, create regular training sessions that will get employees thinking about security, and will keep them updated on new policies and threats. Create a session about the new policies, considerations, and threats that may arise when working remotely. Then, continue to have quarterly sessions to boost awareness of security measures.
3. Implement Multi-factor Authentication
MFA for IT departments should be a core component of their security policies. As more devices are automatically outfitted with MFA and more people work remotely, now is a good time to upgrade passwords. This will increase both network and device security for individuals, while still allowing for a good user experience.
4. Evaluate and Upgrade your VPN
None of us expected to have to configure a secure network with thousands of people all working from home on non-secure home internet connections. This is the time to evaluate your VPN to see how it is handling the load, and upgrade if necessary. If your VPN is up to the task, consider how you can implement more in-depth monitoring and how you can secure your connections even more.
5. Assess Security on All Systems
This is a time when all information security departments are finding out what works, what doesn’t, and what needs to be upgraded to perform at the standards that people demand. This includes communication tools, video conferencing tools and calendar tools, as these will now be more important than ever. But security needs to be a part of that evaluation. As you implement new and different ways of communicating, examine the level of security of these new systems.
Security and safety has become paramount over the last few months. Businesses have relied on remote working to keep their employees safe, and may need to continue to do so indefinitely. This is also the best time to consider the safety of your organization. Long-term remote working requires a new set of cybersecurity protocols to ensure the continued success of your employees and business.