Due to COVID-19, most IT teams were forced to build work-from-home setups for entire companies practically overnight. As millions of people all over the world suddenly needed to work remotely from their homes, we have witnessed the creation of the largest global remote workforce ever.
Moving millions of employees, their computers, and their data from a secure office environment to the home—with minimal notice—presents tremendous data security risks, including simple technical glitches, accidental human error, and malicious/ransomware attacks.
How can businesses ensure a safe work from home environment? Here are seven steps to consider.
1) Secure Employee Devices
Where possible, provide laptop devices so employees aren’t forced to use potentially less secure personal devices for work such as home desktops. Secure these devices with endpoint protection measures: install antivirus, automated patch management and automated backups.
Install a strong SSL virtual private network (VPN) solution such as Pulse Secure, Cisco or GlobalProtect on every company laptop for a secure connection to the company network. Conserve network bandwidth, if necessary by using a split-tunnel connection which increases your security level by only providing secure access to corporate-approved resources.
2) Protect Business Data
Set up a company-wide policy that automatically saves documents and data to Google’s G Suite or Microsoft O365 or your on-premises share drive. With only 30 days of retention for files from these services, make sure you add a backup solution and match your backup frequency to the importance of the data. For unstructured data on-premises, set up employees to store their work files on a company-managed file server rather than their own laptops. Using image-based backup software to protect that file server is also critical.
It is also important to take image-based backups of employee laptops— so, should an employee laptop fail, you can use a backup to restore the operating system, applications, and data to a new laptop in minutes—which sure beats reinstalling everything. This will recover any data that wasn’t stored to the file share or cloud. Or for remote users with low bandwidth, a file and folder backup solution might be a preferred alternative
Redundancy is key, so replicate all laptop and file-server backups to the cloud (ideally a purpose-built disaster recovery cloud, which enables swift recovery).
3) Secure the Laptop and the Network
Ensure network security with a tool like Rapid7, Tanium, or CrowdStrike that protects a laptop. Also leverage all the next-generation firewall security services, such as Palo Alto Networks, to protect the network and scan for viruses and ransomware as well as for suspicious connections to and from your company
Again: Redundancy is key. Store server backups and also replicate those backups to a remote location – either disaster recovery data center or the cloud.
4) Devices and Remote Users
Confirm the identity and security state of each endpoint device, be it corporate or personally owned, including laptops, desktops, smartphones and tablets. Control admission for remote users and their associated devices based on the user identity and allow access based only on the resources users are authorized to access – either on-premise or in the cloud.
5) Provide Remote Support
To help remedy any technical concerns from afar, use remote connecting software such as Zoho Assist or Logmein Rescue, which enables the helpdesk to see an employee’s screen and troubleshoot issues remotely.
6) Test, Train and Educate
While having a backup is important, being able to recover all data completely and quickly is absolutely critical for business continuity. Regularly test your backups and your ability to recover. Triple-down on phishing: a successful phishing scam can expose you to ransomware and render all your data useless. Test your network to find the holes in your network protection and train your employees in being able to spot phishing emails that lay the groundwork for a ransomware attack
7) Provide Communications Tools
Provide and enforce the use of company-wide communications tools for instant messaging, video conferencing, and telephony that are secure. These tools (such as Microsoft Teams and GoToMeeting) ensure employees can stay productive, be social, and continue collaboration while still keeping the business secure.
Sean Derrington is the Senior Director of Product Management, StorageCraft. Prior to StorageCraft, Sean led product management at Exablox (acquired by StorageCraft) and Veritas/Symantec and has held multiple product marketing and management positions covering storage management, cloud, and virtualization solutions. (@StorageCraft on Twitter).