How to protect your remote workforce
Working from home is the “new normal”, but how does a business keep its remote staff secure?
With the rise of flexible working comes the ever-evolving issue of IT security. Companies with employees working remotely need to adopt a different approach to their security, but many organisations aren’t investing in adequate security and are overlooking key threats. It's one thing to keep an eye on security when your workforce is in one central building, and another when they're let loose over home networks. According to a recent HP survey, 77% of IT decision makers believe more remote work means more security vulnerability.
When your workforce is spread across numerous locations, IT security is no longer just about creating a watertight barrier around a central network – it's about ensuring your employees can safely connect to the cloud wherever they may be accessing it. This means that IT departments need to factor in added risks, such as more vulnerable networks, poor employee security habits, and the use of under-secured devices for work.
The good news is that there are steps you can take to ensure your remote workforce is as protected as employees working within your office walls. If you’ve upgraded to Windows 10, then you’re off to a great start – Microsoft's latest OS has security baked into its core. Coupled with the latest hardware, it will help you create a resilient IT infrastructure that's both intrinsically secure and easy to use, whether in the office or at home.
Investing in endpoint security
Endpoint security is one of the biggest concerns for companies with remote working policies. It’s not just inadequately secured laptops you need to watch out for, other IoT devices such as printers can be vulnerable too. According to HP’s research, 35% of ITDMs are concerned about the security risk of home printers and 45% are worried about laptop security. As a result, HP found that 46% of ITDMs plan to augment endpoint security.
Ensuring your devices are as safe as possible when browsing online is key to minimising threats coming in over home networks. With Windows 10 comes SmartScreen, a cloud-based anti-phishing and anti-malware filter that checks websites and downloads against a trusted list, warning users of potential threats. HP's EliteBook range enhances browsing protection further with HP Sure Click, which creates a secure sandboxed environment for each browser window, ensuring that any attack that occurs can't spread and infect the machine as a whole. This tricks any malicious software into believing it's running on your device when it's actually trapped in the tab and destroyed when you close your browser. The key benefit of Sure Click is that it doesn't rely on the malware having already been recognised and logged, thus tackling the newest and most advanced threats head-on.
When your employees are able to venture out into working locations outside of their own home, there are a number of further precautions you should take – and having the right tools and applications already enabled on their machines will make that transition a whole lot easier and stress-free. For example, to avoid "shoulder surfing" (hackers literally looking over your shoulder when you’re accessing confidential information), a privacy screen can add an extra level of protection. Devices in HP’s EliteBook range now come with these built in. At the tap of a button, HP Sure View will activate, significantly narrowing the viewing angle of the screen, and ensuring that only the authorised user can see what's being displayed.
Another public pitfall is cloned hotspots. These malicious Wi-Fi networks are created with an identical SSID to a safe hotspot in an attempt to trick new users into joining them by mistake. All it takes is a click on the spoofed hotspot to be at risk of sharing your every online move. Avoid this problem by alerting your employees to this kind of attack and ensuring they send all sensitive communications via an encrypted VPN. In fact, using VPNs is best practice whether your staff are working from their homes or over public Wi-Fi.
Enforcing best security practices
Advanced security features are great at catching a lot of the problems caused by human error, but that doesn't mean your employees should mindlessly rely on their software and devices to protect them. From dodgy links to suspicious emails, the internet can be full of traps and pitfalls and if your employees are carelessly leaving their devices unattended or clicking on unfamiliar links without thinking, you may be fighting a losing battle. Your workforce needs to be made aware of key issues and advised on how best to avoid them.
Start by creating a best practice guide to work alongside your updated security system. This should include encouraging employees to ignore any content from unknown senders, to be mindful of their surroundings when working in a public space, and to avoid downloading or storing work data on personal devices. Remote workers should also be encouraged to back up data frequently so that a lost device doesn't mean lost data. Cloud storage services such as OneDrive are ideal solutions, and also ensure that data is always up to date and accessible from anywhere, while also being secure.
Navigating the new normal: A fast guide to remote working
A smooth transition will support operations for years to comeDownload now
Updating your security policy shouldn't add to your employees' workload, and procedures should be quick and easy to follow. Involve your staff from the beginning and keep them informed of changes as and when they are made. Your employees are far more likely to use the simple Windows Hello biometric login feature than to go through the hassle of creating a different complex password for every account, and they are more likely to use a multi-factor authentication if the security code is sent directly to their phone. Both of the above security practices are far safer than your traditional password, so everybody benefits. Of course, you'll need hardware equipped with the right biometric sensors like the HP Elite Dragonfly to make features such as Windows Hello possible.
Last but not least, you need to ensure your IT team is also following security best practices. Misconfiguration and out of date applications are two of the biggest vulnerabilities you can introduce into your IT infrastructure. Ensure that every device used to access company data is operating on a supported OS which is regularly updated, such as Windows 10. You may also wish to invest in a cloud provider to manage and give you greater visibility of your digital assets to ensure everything is configured correctly and compliant.
Choosing the right hardware for the job
The most effective way to reduce the risk of your company data falling into the wrong hands is to encrypt the devices that your remote workforce use, so that only your chosen employee or someone with the encryption key can access any files. Ensuring all remote devices use dynamic encryption, such as Windows BitLocker, is an excellent way to standardise security. Like many of the more advanced OS security features, BitLocker requires support from premium hardware to run at full capacity. HP's EliteBook range incorporates the crucial Trusted Platform Module (TPM), which stores part of the encryption key for your data, stopping thieves from removing your hard disk in an attempt to steal your files.
BYOD (Bring Your Own Device) policies can also expose your organisation to security issues. Allowing employees to use their own, personal devices for work purposes can open up a Pandora's box of problems if steps aren't taken to ensure these devices are secure. Organisations choosing to go down this route must enforce clear best practice guidelines on any device, and ideally keep work and personal data completely separate through some form of sandboxing. However, a much safer practice is to only allow workers to use company-issued devices and to invest in certified hardware and software to make sure security is uniform and up-to-date. This may result in a larger IT estate to manage, but it will significantly reduce risk.
Protecting your remote workforce might be an investment but it needn't be a headache. With Windows 10 and the right supporting hardware, you can keep your workforce secure, both inside and outside the office.
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
The endpoint as a key element of your security infrastructure
Threats to endpoints in a world of remote workingDownload now
2021 state of IT asset management report
The role of IT asset management for maximising technology investmentsDownload now