Working from Home Guidelines in the COVID-19 Era
Many countries have closed schools and universities, and large crowds have been stopped. This means that infections are accelerating in several countries at the same time. For modern technology companies, the infrastructure and strategies needed for remote work are undoubtedly already in place. Order that all employees take on a job - from - domestic politics. The vast majority of employees are likely to be laptop users.
However, the situation is likely to be very different for many smaller companies and organisations. For many small enterprises, such as small and medium-sized enterprises (SMEs) and small to medium-sized enterprises (SMEs), the situation is very similar, if not worse. Given the urgency of the case, it is probably imperative to divide organizations into just a few groups with differing needs and meet their needs without triggering a mass exodus. The education sector is a good example of this. Some universities offer distance learning, while grammar schools and others are more likely to have staff and pupils on site to learn. School operations and administrative teams must also be taken into account, as they are not all likely to be mobile workers and may be using desktop devices instead of laptops.
To take education as an example, there are a number of common requirements that workers need from afar to be productive. Teachers need least virtual conference facilities, management teams need network access, and schools cannot operate without significant student engagement. These are the minimum needs, but they are met by the needs of the remote worker and his or her colleagues in the education sector and the management team in other parts of an organization except the school or university, who all need access to a network of computers and mobile devices in terms of network connectivity and storage space.
It is also important that companies and organizations prepare themselves and their employees for the increased cybersecurity risks associated with remote work. There are a number of challenges that may need to be addressed, such as the lack of training for remote workers.
Physical Security Of Company Devices
As remote employees, we often take them to the public library after work. It is a form of socialization and a common, individual workplace. Employees put the company's equipment at greater risk when they leave the safety of the workplace.
With this option, the devices must be protected against loss or theft:
- Full disk encryption ensures that the company's data is not accessible if the device falls into the wrong hands.
- Prevent inquisitive children from accidentally sending emails to your boss or customers by limiting the chances of someone accessing your computer while you are turning your back on the local cafe.
- Set an inactivity timeout and log out of the device as soon as you are not logged in for at least 30 minutes.
- Never leave your device unattended or on public display. If you're in the car, it's in the boot.
What is In The Home Technology Environment
Ask your employees to check their own home environments for vulnerabilities before connecting to tools. Ask employees for help in checking their work environment for security vulnerabilities. Consider encouraging or mandating the use of connected home monitoring apps to allow work devices to connect to your home network. Scan monitoring will highlight known vulnerabilities and default passwords that need to be changed. Secure strong passwords and make sure your employees take the time to update their firmware and software.
Accessing The Company Network And Systems
Consider whether the right to access sensitive data should be granted locally when an employee is on site. Determine whether employees need access to cloud-based services such as email, social media or file sharing.
VPN to connect remote employees to the organization's internal network. VPN to prevent human attacks-in-the-middle from remote locations. Remember the traffic that used to flow to you at work, even if you now work from home. If you need an additional license, please contact your provider. If necessary, make the same solution available to your employees that you use on your own devices. The organization manages and owns the equipment, making it easy to enforce.
Perhaps you have a solution to protect yourself from an unprecedented event. You may also have access to a backup plan in case of a power failure or disaster.
Consider the use of virtual machines to facilitate access. This limits exposure to the company network or home environment and keeps employees in a controlled environment. Privacy breaches happen on devices that contain sensitive corporate data.
Multi-factor authentication (MFA) ensures that access to cloud and cloud-based services such as email, social media and web applications is reserved for authorized users only. Wherever possible, use a mobile app-based system such as Apple's iOS or Google's Android to generate a unique code that authenticates access.
Even if the use of such a solution is under time pressure, an app-based solution eliminates the need to procure and distribute hardware. The devices used to receive the code are not the devices managed by the organization and could be the subject of SIM swap attacks in particular.
Collaborative Tools And Authorization Processes
Provide access to chat and video conferencing systems so that employees can communicate with each other. This helps employees to maintain social contact with their colleagues and avoid problems with others. Provision of the necessary productivity tools. It may seem strange to reconcile these two points.
Cybercriminals are likely to take advantage of the opportunity to remotely locate staff to launch Business Email Compromise (BEC) attacks. At this point, evil actors send out false urgent demands asking for urgent money transfers without having the opportunity to personally confirm the request. Use collaborative tools to protect yourself from unauthorized statements and transactions. Be sure to use video conferencing and chat systems as a formal part of the admission system to carry out in-person validations, even when they are done remotely.
Remote Work Policy and Training
If an employee moves to another workplace or is in a more relaxed atmosphere, such as at work from home, they may consider clicking on a link if there is a chance that a colleague has seen an amusing video they have watched or a website they have visited. Cyber security training is typically set as an annual requirement for all employees. IT security training such as Cybersecurity Awareness and Incident Response Training. It would be wise to offer a refresher to avoid the human element that cybercriminals try to exploit. Consider running a campaign with training requirements before your employees start working remotely.
Support And Crisis Management
When a user is quarantined due to health concerns, the ability to support him remotely is crucial to ensure smooth operation. In the rush to provide remote access, do not sacrifice your cybersecurity or your ability to manage your systems and devices.
Another consideration from a technological point of view is to eliminate or limit the use of RDP. If you encounter unusual or suspicious questions, you may ignore the consequences of an infringement. As my colleague Aryeh Goretsky pointed out in a recent blog post, technology and functional processes can be as important as the security of your systems and devices.
Responsiveness Remote working is not the same as working in the office. Supervisors must put in place procedures that allow them to determine whether the remote employee is doing the job. Create a series of queries for remote employees to respond to depending on their skill level and type of task. Consider calling a team once a day. This gives everyone the opportunity to exchange experiences and problems.
- Arrange a time signature that you can switch on and off if you want. Bebe a member who says "good morning" when the day starts. Working from home does not relieve you of your responsibility to provide a good working environment.
- An ergonomic keyboard for the office needs to be taken home so that it offers the usual comfort.
- Distributing contact details: Remote employees need to know how to get help when they are needed.
- Social interaction is an important part of motivation and increases productivity. Consider buddy-and-mentor programs to bring people together so they can solve problems, share virtually, and socialize.
- Create a virtual open door policy as it exists in the office. Make sure people are accessible and easily engaged.
Do not assume that workers can switch to remote work effectively and without support or guidance. A mass distance work mandate could prove to be a social work experiment that few companies of this size would ever carry out. Will we ever return to the office in the same way? Philosophically, the world may never be the same again, and we may need considerable help to adapt.