How to protect your remote workforce
Ubiquitous internet means we can work wherever we want on any device – but how does a business keep its remote staff secure?
With the freedom of flexible working comes the ever-evolving issue of IT security. Companies with employees working remotely in any capacity need to adopt a different approach to their security, but many organisations are overlooking key threats. It's one thing to keep an eye on security when your workforce is in one central building, and another when they're let loose all over the world. IT security is no longer just about creating a watertight barrier around a central network, it's about ensuring your employees can safely connect to the cloud wherever they may be accessing it. This means that IT departments need to factor in added risks, such as using devices in public, poor employee security habits, and the use of unsecured devices for work.
The good news is that there are steps you can take to ensure your remote workforce is as protected as employees working within your office walls. A great opportunity to review your security policy is by rolling out Windows 10. Microsoft's latest OS has security baked into its core. Coupled with the latest hardware, it will help you create a resilient IT infrastructure that's both intrinsically secure and easy to use, whether in the office, at home or out on the road.
Public pitfalls from "shoulder surfing" to attack of the clones
Many remote workers will inevitably find themselves in a public space, such as a cafe, shared workspace, or even on a train. It is in these spaces where your company's data may be most at risk, as malicious actors look to find vulnerabilities in endpoint devices.
With so many people accessing sensitive data in public, "shoulder surfing" (hackers literally looking over your shoulder to read your details) is on the rise. While employees should take precautions shielding their devices and closing or locking them when not in use, the surest way to protect from this is to invest in privacy screens for your remote workers, but that's just another thing for them to carry around. However, devices such as HP's EliteBook x360 now come with these built in. At the tap of a button, HP Sure View will activate, significantly narrowing the viewing angle of the screen, and ensuring that only the authorised user can see what's being displayed.
If hackers aren't physically looking at your screen, they might be lurking behind cloned hotspots. These malicious Wi-Fi networks are created with an identical SSID to a safe hotspot in an attempt to trick new users into joining them by mistake all it takes is a click on the spoofed hotspot to be at risk of sharing your every online move. Avoid this problem by alerting your employees to this kind of attack and ensuring they send all sensitive communications via an encrypted VPN.
Even if the network is legitimate, public Wi-Fi is a big concern. It is almost impossible to ensure a public network is secure, so these should never be used to input unencrypted sensitive data (such as passwords and bank details). However, in reality, you'll be hard-pressed to convince your remote workers to avoid public networks altogether. Ensuring your devices are as safe as possible when browsing online is key to minimising public network threats. With Windows 10 comes SmartScreen, a cloud-based anti-phishing and anti-malware filter that checks websites and downloads against a trusted list, warning users of potential threats. HP's EliteBook range enhances browsing protection further with HP Sure Click, which creates a secure sandboxed environment for each browser window, ensuring that any attack that occurs can't spread and infect the machine as a whole. This tricks any malicious software into believing it's running on your device when it's actually trapped in the tab and destroyed when you close your browser. The key benefit of Sure Click is that it doesn't rely on the malware having already been recognised and logged, thus tackling the newest and most advanced threats head-on.
Enforcing best security practices
Advanced security features are great at catching a lot of the problems caused by human error, but that doesn't mean your employees should mindlessly rely on their software and devices to protect them. From the dangers of public Wi-Fi to suspicious emails, the internet can be full of traps and pitfalls and if your employees are carelessly leaving their devices unattended or clicking on unfamiliar links without thinking, you may be fighting a losing battle. Your workforce needs to be made aware of key issues and advised on how best to avoid them.
Start by creating a best practice guide to work alongside your updated security system this should include encouraging employees to ignore any content from unknown senders, to be mindful of their surroundings when working in a public space, and to avoid downloading or storing work data on personal devices. Remote workers should also be encouraged to back up data frequently so that a lost device doesn't mean lost data. Cloud storage services such as OneDrive are ideal solutions, and also ensure that data is always up to date and accessible from anywhere, while also being secure. Another good practice is to ensure that Find My Device is activated within Windows 10 giving you the best possible chance of recovering a lost laptop.
Updating your security policy shouldn't add to your employees' workload, and procedures should be quick and easy to follow. Involve your staff from the beginning and keep them informed of changes as and when they are made. Your employees are far more likely to use the simple Windows Hello biometric login feature than to go through the hassle of creating a different complex password for every account, and they are more likely to use a multi-factor authentication if the security code is sent directly to their phone. Both of the above security practices are far safer than your traditional password, so everybody benefits. Of course, you'll need hardware equipped with the right biometric sensors like the HP EliteBook x360 to make features such as Windows Hello possible.
Investing in the right software and hardware
The most effective way to reduce the risk of your company data falling into the wrong hands is to encrypt the devices that your remote workforce use, so that only your chosen employee or someone with the encryption key can access any files. Ensuring all remote devices use dynamic encryption, such as Windows BitLocker, is an excellent way to standardise security. Like many of the more advanced OS security features, BitLocker requires support from premium hardware to run at full capacity. HP's EliteBook range incorporates the crucial Trusted Platform Module (TPM), which stores part of the encryption key for your data, stopping thieves from removing your hard disk in an attempt to steal your files.
BYOD (Bring Your Own Device) policies can also expose your organisation to security issues. Allowing employees to use their own, personal devices for work purposes, can open up a Pandora's box of problems if steps aren't taken to ensure these devices are secure. Organisations choosing to go down this route must enforce clear best practice guidelines on any device, and ideally keep work and personal data completely separate through some form of sandboxing. However, a much safer practice is to only allow workers to use company-issued devices and to invest in certified hardware and software to make sure security is uniform and up-to-date. This may result in a larger IT estate to manage, but it will significantly reduce risk.
Protecting your remote workforce might be an investment but it needn't be a headache. With Windows 10 and the right supporting hardware, you can keep your workforce secure, wherever they may be.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now