Three things your remote workforce must do to protect data
The rise of the remote workforce means that employees can literally work at any time, from any location and through any internet-connected device. This presents new challenges for organisations and an increased need for all employees and users to be vigilant when it comes to cybersecurity best practice. With employees no longer protected by the corporate firewall, and often working in public places and using unsecured Wi-Fi, there are three things they must do to protect the security of organisational data:
1. Avoid public Wi-Fi and use encryption
Working from anytime, anywhere offers an increased culture of flexibility for many workers. They can log on and work from wherever and whenever they need to, including cafes and shared workspaces. However, this also increases the risk of connecting to unsecured networks, which can present security risks.
It’s critical that users are effectively educated on the risks that are associated with using public and shared networks. Alerting users to the potential threats that the organisation can be exposed to when connecting organisational devices and sharing internal data via unsecured networks can help users to think twice before accessing these networks. It’s also essential to train employees on the benefits of encrypting files and networks. Encryption will help to better protect your internal systems when users access unstable and unsecured networks, providing a better level of protection for your data.
2. Be aware of who’s around when working in a public place
Protecting your network and data with digital defences is critical; however, it’s also important that users are educated on how they can physically protect company assets. Public and shared workspaces are convenient for flexible workers, though they also create risk by displaying corporate information on a screen that anyone can see.
Users must be cognisant of other people when working on laptops and other mobile devices in public spaces, including public transport. It’s important to ensure employees are aware of the risks of working in public spaces, including the potential for confidential business information to be seen by competitors or cybercriminals.
3. Only use company-sanctioned devices
While employees are far less protected by the company firewall when working remotely, the company can still provide an effective defence. One of the best ways to protect company information is to ensure that users only use company-sanctioned, secure devices to access corporate data.
Having access to organisational files and emails from personal devices is convenient for users. However, it’s critical that IT teams are aware of, and have some control over, all devices being used to access internal data. If organisations can’t provide devices to users, it’s critical that the IT team has a clear process to integrate personal devices with the corporate network and can provide relevant advice to users connecting and using their own devices for work.
It’s essential that all users take steps to protect corporate data and information while working remotely, even more so than working onsite as they are less protected by corporate firewalls and other security measures. However, it is possible that cybercriminals can still exploit vulnerabilities in the network and systems to access company data, despite the organisation’s best efforts.
Employees must also understand cybersecurity best practices including password protections, sharing devices and who to contact to report a suspected cyber-breach.
For more information on how to effectively integrate good cybersecurity hygiene into the life of a remote worker contact InfoTrust today.
Cybersecurity should be front of mind for every organisation, especially in the wake of the current global pandemic. Our ways of working have changed immensely, with a surge in the volume of remote workers using different networks, devices, and platforms. Meanwhile, our businesses are using cloud computing and IoT technologies to facilitate new ways of working, reduce costs, and improve performance. The result is that the attack surface has increased, and with that comes an increase in the volume of cyber threats.
There are images of extensive, verbose documents, complex definitions, and eye-watering Excel sheets when the term GRC is mentioned. For the past two decades, GRC has been central to core business processes across many organisations at both ends of the enterprise spectrum, as well as in the small-to-medium business space in recent times.
But the world has moved on; organisations are forced to embrace digital disruption and agility if they haven’t done so whole-heartedly. And this very disruption is positioning GRC to become less-than-ideal to solve the challenges that said disruption brings with it.
Phishing attacks have increased dramatically over the last few years, with the global pandemic escalating the situation further. Cybercriminals take advantage of insecurities and fear and play on human nature to trick and deceive. In fact, according to the OAIC, phishing attacks that involved compromised credentials accounted for 30% of all cyber incidents in the first half of 2021. And human error formed a major source of these breaches. Unfortunately, due to the clever social engineering tactics used by cybercriminals, technical filters alone aren’t sufficient to protect against phishing.
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Secure Access Service Edge, better known as SASE (pronounced sassy – yes that is right) was one of the new security terms on the block in 2019. But it’s actually been around for some time, just without its official moniker. It is expected that by 2024, at least 40% of enterprises will have strategies in place to adopt SASE, according to Gartner.
In this post, Cloud Security Engineer, Will Michail takes a look at why its popularity is increasing now, what the term means and how vendors and organisations are utilising it to enable digital transformation.
We're Here To Help