Working from home: IT security check
In the rush to keep operating, many businesses started working from home arrangements with their staff. Emergency IT measures were put in place and remote working began, but have you revisited these arrangements and your IT security?
With over one third of working Australians working from home during the pandemic, a shift in working arrangements is trending to continue, with many Australians continuing to work from home for at least some of their work hours.
Work from home arrangements present challenges for IT security as these remote environments often do not have the same safeguards in place as the business premises. Because many of these safeguards were rushed in over the start of the pandemic, it is prudent to now reassess these measures and ensure your IT environment is secure.
Start by ensuring your IT and cyber security policies are current and relevant and ensure that these are circulated to all staff, so they are aware of the expectations being set.
Employees are the front line of cyber security and must have basic knowledge in identifying and avoiding cybersecurity threats.
Training might include best practice for email security, sensitive information management, and cyber emergency preparedness. Equally as important is ensuring that the IT security environment you have in place is robust and effective for your business.
Every software and IT security ‘stack’ is different, depending upon the software and systems you use, their cloud capabilities, and the data sensitivity of the business. Nevertheless, here are some simple tips that are applicable to all businesses:
- Two factor authentication (this is recommended for all software where possible – both at home and in the office)
- Use trusted Wifi
- Use a virtual private network for server-based programs and storage.
- Regulated storage solutions and sharing protocols – such as cloud-based storage solutions and elimination of storage of documents on individual devices
- Avoid using portable storage devices – if these must be used, consider an encryption service liker Bitlocker
- Anti-virus software
- Monitor your third-party vendors and service providers and check their security ratings.
These should be additional to standard IT security processes such as minimum password requirements and periodic mandatory password updates, keeping software up to date, device security such as password logons and above all else maintaining an element of skepticism.
The team at Cutcher & Neale are here to help, please get in touch if you would like further assistance.