Tips to Protect Your System and Remote Worker Access
by: The Knowledge GroupJune 04, 2020
Change often happens dramatically and quickly with circumstances out of most people’s control. The COVID-19 Pandemic arrived similarly, and the world transformed overnight with a massive shift to remote service wherever possible. In that context, however, a lot of new risks are now cropping up, many of them, technology-related. Here are key tips to ensure information security and keep business processes run smoothly.
1. Change How You Plan Work and Task Expectations – Task planning and management now has to incorporate both technology, equipment, placement, and people as one combined asset. Pre-virus, the company provided all the tools, and people just had to show up. Now, remote work requires a comprehensive approach.
2. Put All Your Goals, Rules, and Expectations in Writing – With remote work, there is a far higher demand for ready and available reference information. Those hallway chats people used to enjoy while taking care of thousands of questions a day don’t exist anymore. Ninety percent of guidance questions can now be addressed in a document. So, put as much in writing as possible to control how people behave with work, data, information, and online access.
3. Don’t Rely on Just a Password, Use Multi-Factor Authentication – The days of single logins and passwords are over. With the proliferation of smartphones and mobile tech, organizations have been repeatedly warned to put MFA in place. And if your worker doesn’t have a company phone, it’s very easy to provide an MFA token or card to use instead.
4. Practice the Rule of Least Privilege – If your workers don’t need lots of system access, then don’t give it to them. Ensure your IT department is only provisioning out those modules and accesses specific to the job a person does. Only change those roles and rights when a person’s job changes.
5. Use Encryption – All computer resources, whether desktop or laptop or storage devices, should be fully equipped with usable encryption, and remote workers should be trained in writing how to use the encryption and how it is the company policy to expect its use with company material.
6. Anticipate Problems – Organizations should regularly anticipate common hacks and new, novel approaches and try to practice responses to them. By planning ahead, a company can respond immediately and more effectively when the real risk is identified, or an actual breach occurs.