Written by Vickram Bedi: Senior Director – Personal Systems, HP Inc India
In just a matter of weeks, millions of officegoers are now having to work from home or remote locations. Adapting to this new way of conducting business has meant equipping employees with the devices they need to work productively on the go. To stay competitive, many employers are not only allowing employees to untether from their desks and the physical office, they’re helping to make it possible — offering remote access to internal systems.
This comes with its own set of challenges though. With remote work becoming essential, it poses major threats to network security, leaving a wealth of sensitive information vulnerable to opportunistic cybercriminals thus making security one of the key concerns for both small and large organizations.
As per industry reports, India ranks among the top five nations in the world targeted by cyber attackers through malicious attempts such as hacking, ransomware or denial of service attacks. While most office IT infrastructure is designed to safeguard against such threats, a typical home is perhaps not so secure.
Most devices today are protected by text-based passwords, which can easily be bypassed by hackers. Adding in an extra step that makes sure like multifactor authentication adds an extra layer of security to the PC. Layering in biometric data makes it a 1 million times more secure than with a single password alone. Such multi-factor authentication can enable IT administrators manage device security for employees in a more comprehensive fashion.
The Malware Threat
Working from home also requires giving some downtime to employees, who might use company-issued devices for web-surfing. This free-range internet browsing has the potential to introduce malware to an employee’s device, compromising it in the process. An attack on a device’s firmware can we devastating – IT admins need to ensure that employee devices are equipped with BIOS security to prevent such a scenario. And then there is ransomware – perhaps the most widespread threat. By the end of 2019, ransomware was projected to attack a business every 14 seconds, up from every 40 seconds in 2017. Mandating additional safety features like ‘virtual sandbox’ extensions to browsers can help isolate each browser tab, so anything fishy that is clicked on and downloaded won’t infect the rest of the PC.
Remote working also means communicating via video calls, or work using collaborating apps, and coordinating with far-flung team members through project management platforms like Basecamp. But for this arrangement to work, remote employees need a reliable, secure connection to the internet at all times. The ideal scenario would be to have devices with built-in LTE connectivity. This eliminates the need to rely on unsecure Wi-Fi or hot spots. However, if devices need to be connected to Wi-Fi, then IT admins can look at a few simple steps to secure the home networks. These can include mandating WPA (Wi-Fi Protected Access) standard routers and passwords, MAC authentication or hiding the network name. In addition, providing PCs that are equipped with webcam kill switches – a physical button which that disconnects power to the webcam will help to create greater security.
The Road Ahead
While the current remote working scenario is the resulted of a global crisis, it is evident that in the long run, both employers and employees can gain from the shift to more mobility and flexibility. Employers can potentially save money when their physical office space needs to hold fewer people. Studies also indicate that organisations tend to get more value from employees who no longer spend time commuting and have the freedom to work when they are most productive. But to truly realise the gains from this flexible working ecosystem, security should be the first consideration.
After all, the threats are real, but so are the ways to protect organisations and employees. It doesn’t have to be daunting as security is not always about the technology alone. It also involves giving people the right tools to guide them toward best practices, and this is where organisations need to inculcate a culture of security among their employees.