Remote Workforce Security: Protecting People, Protecting the Enterprise

In the wake of the current COVID-19 pandemic, organizations around the globe are asking workforces to stay at home to safeguard their personal health and wellbeing and observe mandated national government public health restrictions relating to social distancing.

In times of crisis, maintaining business-as-usual operations will be a top priority. Today, many organizations find themselves confronting the stark challenge of stress-testing emergency contingency strategies for real, at scale – and in the face of real necessity.

It’s an unprecedented scenario that no organization could have truly prepared for; but the learnings that result from the current state of affairs will enable organizations to further refine how they respond to future unexpected events. That will include managing the remote working needs of the workforce.

For the moment, however, while working from home practices may not be novel for some employees, having the whole workforce working remotely is a different story.

To help organizations keep their business running smoothly and with minimal disruption, ensuring a number of top security and management practices are in play will be central to protecting people – and the enterprise itself.

Provide urgent security awareness education and updates
Ensuring that you have the latest security tools and solutions in place is just the start to building a secure remote workforce. The most powerful defense against cyber threats begins with end- users.

Make sure remote workers receive a quick reminder of what to be on the lookout for in relation to potential phishing scams and fraudulent VPN messages. Typically, cyber-criminals will capitalize on the current pandemic scenario with email subject lines that are designed to bait a gut response in recipients: watch out for headlines such as ‘Corona News Flash’ or ‘X New Cases in (Insert City Name Here). The aim of the game here is to fuel the flames of fear and get users to click without investigating if the email is even credible.

Pushing out refresher training and links to any existing security awareness resources without delay will be essential to ensure that end users understand the importance of staying extra vigilant when working from home, and do their part to protect critical data.

Accessing business critical applications and documents
If the remote workforce is using company issued devices such as laptops, tablets and phones, ensure employees have full access to all documents and applications they will need to complete their work. 

To maintain a high performing workforce, personnel will need appropriate access to the company’s enterprise cloud to undertake critical job functions, so it’s vital to have appropriate policies in place for managing permission-based roles, audit trails, and restricted access to non-essential areas.

Secure connectivity
With the right policies in place to protect important documents and applications in the cloud, the next priority is to ensure that end-user connections are secure. A VPN (virtual private network) that provides a secure direct link to servers is an ideal base layer of security for a remote workforce.

 
However, adding two-factor authentication (2FA) will introduce an extra layer of security for the organization and end-users, who will be required to utilize either a numerical code sent to their phone, or to provide fingerprint identification, or answer security questions.

With many remote workers now dependent on a home WiFi that may be unsecured, enforcing better password protection practices – such as a password vault or encryption keys – will make it harder for unauthorized users to gain access to the networks of remote workers.

Initiate efficient communication channels
Setting up secure and reliable communications systems will be crucial for enabling long-distance collaboration and teamwork within the enterprise and beyond its walls. 

While face-to-face interactions are currently curtailed, there are a variety of communication tools that are ideal for remote workforces that need to engage in long-distance communication and team collaboration. These include platforms such as Google Hangouts, Slack, Microsoft Teams, or Cisco Webex Teams, which all provide tools that enable quick chats, group chats, client communications and video conferencing.

Convening for meetings and calls
Today’s chat and videoconference programs will support virtual face-to-face touchpoints that mimic an office setting. Implementing a camera-on-policy can help replicate business-as-usual for meetings and calls for the remote workforce and provide a valuable conduit for managers to reach out and support home workers who need additional counselling and support.

To assist personnel to prepare appropriately, encourage those who convene meetings to send out agendas, notes and anything else well ahead of the meeting start time. This should help everyone to prepare appropriately, stay on topic, and maximize value airtime when they finally come together online.

Putting in place these best practices will not just support employees in their new home working environment, but it will also give organizations a peace of mind, knowing their infrastructure is in a much more secure place.

What’s Hot on Infosecurity Magazine?