May 28, 2020

Best information security practices for remote workers

Protect your remote workers with hosted Cloud solutions, Microsoft Teams support, and preconfigured laptops that fortify your company’s information security. 

On March 17, 2020, Ontario’s Emergency Management and Civil Protection Act imposed social distancing on the working public to prevent transmission of COVID-19. Employees moved out of the office and transitioned—somewhat or wholescale—unprepared to work from home.

Fast forward two months; remote teams have gotten used to remote work. So much so that going back to the office, when that happens, is going to be a more flexible model than some might have predicted.

Is remote work here to stay?

Statistics show that, aside from the frustration of unreliable wifi and the mental toll that comes from solitude, working remotely has a number of positive benefits: better work-life balance, less stress, greater productivity, being part of a more diverse/qualified team, a reduced carbon footprint—even increased inspiration.

Before COVID-19, Buffer released its State of Remote Work 2019. This study showed the #WFH trend already gaining momentum:

“99% said they would like to work remotely at least some of the time for the rest of their careers…. Virtual jobs aren’t just changing the future of work, they’re changing the future of our global society.”

2020 surveys show that COVID-19 has pushed the needle upward, with 30% of employees not previously working from home ready to trade in their commute and downtown office for a view of the backyard:

“Based on historical trends, [those] who were working remotely before the pandemic will increase their frequency after they are allowed to return to their offices. For those who were new to remote work until the pandemic, we believe there will be a significant upswing in their adoption…Our best estimate is that 25-30% of the workforce will be working-from-home multiple days a week by the end of 2021.”
Kate Lister, President of Global Workplace Analytics

It’s not only employees who see the benefits of a virtual workplace. Employers are on board, too. A work-from-home landscape of only half the time will save employers somewhere around $11 000/employee/year. So, yes. When the dust settles, remote jobs might be the new normal.

Long-term remote work strategy: a look at security

As future work practices shift toward home, fortifying communication channels becomes a high-priority list item. Threat actors are rubbing their metaphorical hands together, excited about the massive opportunity to exploit the home-to-office gateway, steal personal information (identity theft), and open a can of costly compliance issues for employers. The cost of a data breach can be crippling:

The average cost of a data breach has risen to $3.92 million (IBM and the Ponemon Institute), [a] 12% rise over the last five years. This includes a combination of direct and indirect costs related to time and effort in dealing with a breach, lost opportunities such as customer churn as a result of bad publicity, and regulatory fines.

That $4 million figure can be a conservative number. Earlier this year, Canadian lender, Desjardins Group, spent C$70 million after a breach exposed 2.9 million members. It’s estimated that 30% of all companies will suffer a breach over the next two years. But a well-planned information security strategy that follows best practices proactively protects firms from hassles, tarnished reputation, and expense.

What are the best information security practices for remote workers?

Security breach statistics cast a shadow on remote working (for both employees and employers). But it’s easier than you think to protect remote-based work hubs (which in turn strengthens core office security).

Host IT in the cloud

If your office is protected by a robust Managed IT solution but your employees work outside the office, that’s both a system weakness and a bottleneck. Setting up IT infrastructure on cloud servers not only provides agile security for all remote employees, it eliminates the need for in-office physical servers that take up real estate, require upgraded electrical and cooling systems, and are costly to maintain. Without a large server and storage budget, on-site servers likely lack the redundancy and resiliency that’s built into cloud architecture to maximize uptime.

There are three cloud-based IT options: public, private, and hybrid cloud. Public cloud services include vendors like Amazon, Microsoft Azure, Google, and IBM. Private clouds are smaller and tailor-made for a single organization. Vertex offers a 100% Canadian-based, ultra-secure private Cloud environment. We also set up and manage hybrid Clouds. The hybrid option is a private/public cloud combination like Microsoft 365 and Azure.

A private cloud is an IT infrastructure usually owned and maintained by a provider and hosted in a secure Data Center. Your company’s applications and data are securely divided from other users hosted on it. This provides a secure way to isolate your company’s data in the cloud and provide you with a completely customized virtual cloud infrastructure. You can host all of the same business applications you run on your on-premise servers from the Cloud. Rather than employees disparately storing and sharing files on different public platforms like Dropbox, Google Drive, or OneDrive, a private cloud is a dedicated network for your private use. This approach comes with added value like file permissions, password protection, and expiration dates. Standardization is applied to file sharing to better control and protect data integrity. For law firms and other businesses operating in regulated industries, a private cloud allows unlimited scalability (add more resources on demand), greater transparency, and increased data security.

Microsoft Teams/OneDrive/SharePoint

Hosting your IT in the cloud secures your files in the cloud. But how those files are manipulated by employees in home offices should also be protected. Since the COVID-19 shift to remote-based work, there’s been a download spike in collaboration apps that keep communication open between team members. Sensitive information channels should be protected by application security. The best way to safeguard files and keep face chats and video conferences secure is by using an application that pulls all of these requirements into one secure workspace.

Microsoft Teams is a powerful platform that does just that. It is an all-in-one application that plugs a number of user-friendly features into a fortified core. Built on privacy protocols and compliance standards, it’s used by 20 million daily active users around the world. And those 20 million DAUs enjoy fast workflows thanks to a robust system that protects members from nefarious actors. Uptime goes a long way for team productivity. Security goes a long way for breach mitigation. Microsoft Teams goes a long way for remote team collaboration. Up to 90% of users agree that Teams simplifies group work.

BYOD (Bring Your Own Device): Swap desktops for pre-configured laptops

The desktop tower churning away under your office desk was a bit of an antiquated beast to begin with, wasn’t it? Laptops, by nature, are smaller, lighter, and built for portability. The downside is that they cost more. The upsides are many. Now that COVID-19 changed our everyday routines to be portable and remote, laptops suddenly make a lot more sense than desktop computers.

But laptops can be one of the most vulnerable parts of your infrastructure. Used by employees communicating with your business servers, they can introduce malware that rips a hole in your security.

But not if your Managed IT provider preconfigures that laptop with bulletproof security from sign-on to apps to cloud storage. Then, a company laptop becomes a reliable asset that allows better control, management, and security of employee endpoints. Not so with unprotected, clunky home computers that aren’t managed and don’t have the necessary security layers and configurations.

A laptop configured by your Managed IT provider is a monitored endpoint that sends alerts. The software, antivirus programs, security configurations, and firewalls become part of your managed IT solution. Policies and folder redirections should be created to avoid corporate data from being stored locally on the laptop. Encryption can also be leveraged to protect a lost or stolen laptop.

Vertex has you covered

If your staff is working remotely during COVID-19 (and beyond), you can protect your company and client data, secure the home-to-office gateway, meet compliance standards, and mitigate the cost of a security breach by following these best information security practices.

With proactive monitoring, continuous management of security protocols, and risk-mitigation strategies, our Managed Information Technology Services deliver enhanced network security with virtually no downtime. We include advanced security software and backup solutions, creating a network that clients can depend on to run their business—with client satisfaction ratings above 98%.

inquire us

Get Your Free Assessment

At Vertex, we’re dedicated to transforming your IT into an asset. Contact us today for your free assessment.