{"id":34711,"date":"2020-04-07T09:55:23","date_gmt":"2020-04-07T13:55:23","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&p=34711"},"modified":"2022-03-17T05:45:49","modified_gmt":"2022-03-17T09:45:49","slug":"securing-home-workers","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/securing-home-workers\/34711\/","title":{"rendered":"Securing home workers isn’t just about technology. It’s about business culture."},"content":{"rendered":"

In recent years we\u2019ve become accustomed to hearing how new technology is changing how people think and interact. But throughout most of history, it\u2019s been more a case of needs must<\/em> \u2013 we\u2019ve created technology to overcome challenges our environment has thrown us.<\/p>\n

The technology that lets us work from home is good for more than carrying on business in a crisis. Employees escape cramped cubicles and noisy open offices. They cut hours (and pollution) from their daily commute. We work at times that suit us, in a place we\u2019re most comfortable, closer to loved ones. Businesses can tap into talent around the world and reduce the cost of assets and buildings. They also benefit from home-based employees being more productive, engaged and loyal<\/a>.<\/p>\n

Change your culture as well as devices<\/h2>\n

There\u2019s more to enabling working from home than giving employees a laptop and corporate smartphone or introducing a bring-your-own-device (BYOD) policy<\/a>. It\u2019s a culture change. Business executives must lead by example and administrators must find ways to stay in control of digital assets.<\/p>\n

Charl Ueckermann, CEO of Kaspersky\u2019s Africa Partner of the Year 2020, AVeS Cyber Security<\/a> says:<\/p>\n

\u201cYou want the best of both worlds: minimize business disruption and open opportunities to create new business models.\u201d<\/p>\n

Business leaders may fear losing control. Taking devices outside company buildings expands attack surfaces substantially, giving cybercriminals many new opportunities to exploit your most valuable asset \u2013 data. And when people connect to company resources over unsecured home networks, the risk multiplies.<\/p>\n

Ueckermann goes on to say:<\/p>\n

\u201cYou have to get the core things right to keep the lights on. Leadership will play a crucial role in setting the organization\u2019s cultural tone.<\/p>\n

Shifting focus from a control-based to an output-based culture sets up your remote workforce for success and growth.<\/p>\n<\/blockquote>\n

\u201cA new talent pool becomes available if your business is set up for teams who can work from anywhere, at any time. Highly-skilled people who were previously limited by family responsibilities or geographic location now become potential candidates to recruit.\u201d<\/p>\n

We\u2019re guilty of appalling security habits<\/h2>\n

Principal Security Researcher at Kaspersky, David Emm, says:<\/p>\n

\u201cOur ability to communicate, work and transact online has never been more critical. We also have to face the reality that where people go, cybercriminals follow. If there is an opportunity to exploit a situation and lure people into disclosing personal data or sending money, you can guarantee cybercriminals will be working on it.\u201d<\/p>\n

With the number of Internet of Things-connected devices at 3.5 for every person on Earth<\/a> and growing exponentially, information security must be scalable, multilayered and centrally managed.<\/p>\n

Let\u2019s face it: Many of us are guilty of some appalling mobile security habits. Despite using our smartphones for everything from business email to personal banking, over a quarter of us don\u2019t even lock our smartphone screens<\/a>. When you consider how often these devices are lost or stolen, it\u2019s a big problem. Losing the device is nothing compared to hackers or other unauthorized third parties having access to every connected account and file on the device.<\/p>\n

Here\u2019s three ways you can help your home and remote workers to work more safely.<\/p>\n

1.\u00a0 Start by laying down the ground rules<\/h2>\n

Check and update your cybersecurity policy so it fits the current situation for remote work. It should say clearly which devices and apps employees may use, which security measures they must adopt and how they can share corporate data. For example, you probably won\u2019t want remote-working employees accessing your data from a jailbroken<\/a> iPhone or an ancient laptop with a long-obsolete operating system.<\/p>\n

Having employees well-versed in policy is essential, but we all make mistakes. Remote workers shouldn\u2019t be living in constant fear of opening the door to cybercriminals.<\/p>\n

Focus on cyber-awareness training<\/a> so homeworking employees understand their responsibilities to protect corporate data and what risks they may be exposed to from social engineering.<\/p>\n

Kaspersky\u2019s David Emm\u2019s warns that, \u201cStaff should be especially wary of messages that claim to give important information about current events, as cybercriminals are known to use this tactic.\u201d<\/p>\n

2.\u00a0 Secure employee devices<\/h2>\n

To protect your corporate data, give your employees, and contractors who can access your network, the tools and hardware they need to work safely at home with easy access to IT support teams for troubleshooting.<\/p>\n

IT administrators must maintain visibility of their digital assets across an expanding array of devices and operating systems. Mobile device management (MDM) technology should accompany your cybersecurity policy to help enforce the rules. It lets administrators monitor, manage and secure devices used for work, and grant or revoke access rights. If a device is reported lost or stolen, they can remotely wipe it and revoke access rights to any online accounts from that device.<\/p>\n

Device encryption is also a no-brainer; it\u2019s vital to prevent data being compromised if the device falls into the wrong hands.<\/p>\n

3.\u00a0 Level up your data protection<\/h2>\n

While the tired stereotype of the hooded hacker lurking in a basement with lines of code flitting across a monitor reigns supreme, most cybercriminals don\u2019t know all that much about hacking.<\/p>\n<\/blockquote>\n

90 percent of cyberattacks include social engineering<\/a>, exploiting human foibles rather than technological weaknesses.<\/p>\n

It\u2019s often dead easy for scammers to dupe victims into giving away confidential information over unsecured channels by impersonating a colleague, client or business partner. If an employee gets an email masquerading as a technical support agent<\/a> from a known service provider asking for remote access, there\u2019s a good chance they\u2019ll fall for it. \u00a0They can then gain access to confidential data if it isn\u2019t secured.
\n\"security
\nAccording to Kaspersky\u2019s 2019 research about digital clutter<\/a>, 72 percent of employees store documents at work that contain personally identifiable information or sensitive data. From this, the attacker can gain access to the entire business network from compromising that one employee-owned laptop.<\/p>\n

As well as educating your employees, keep all devices updated with latest versions of endpoint security. Automate measures for better data protection, like password protection and data backups.<\/p>\n

David Emm also advises to \u201cmake sure operating systems and apps are always updated. Provide a virtual private network (VPN) staff must use to connect securely to the corporate network and restrict their access rights once connected. They should protect corporate devices, including mobile devices, with security software that allows remote wiping of data from devices reported lost or stolen, segregates personal and work data and restricts app installation.\u201d<\/p>\n

Cloud-managed security can drive innovation<\/h2>\n

It\u2019s time for business leaders to stop seeing information security as a necessary evil. It\u2019s a competitive advantage \u2013 an enabler of innovation.<\/p>\n<\/blockquote>\n

Working away from the office is critical to be able to innovate. With business apps and data hosted in the cloud, IT administrators can enjoy centralized management by maintaining full visibility of their digital assets. Instant protection comes with reduced reliance on endpoint security since all confidential data is kept in a secure data center rather than on local devices.<\/p>\n

Business leaders no longer have to depend on their policies and device-level endpoint security \u2013 though this is still essential. They can instead build a centrally managed, software-defined computing environment where adding new users means simply creating an account, then letting the remote-working employee access everything they need through the web.<\/p>\n

This approach is not only better for information security; it reduces the need for remote workers to exchange files over email or unsecured file-sharing services. Make sure your cloud set-up is configured with the relevant level of cybersecurity protection for your company\u2019s data needs, don\u2019t expect this to be installed or run by the cloud provider.<\/p>\n

Work anywhere, secure everywhere<\/h2>\n

Remote working shouldn\u2019t be a source of fear. It\u2019s not about losing control. It\u2019s about decentralizing your workforce and letting them work in new ways. In the long term, it delivers enormous value for the whole business. Today\u2019s security solutions let you control the security and compliance of your digital assets. No matter where your workers are, you can keep your corporate data safe.<\/p>\n","protected":false},"excerpt":{"rendered":"

Homeworking brings fresh security challenges, and a chance to change the way we do business \u2013 for the better.<\/p>\n","protected":false},"author":2552,"featured_media":35094,"template":"","coauthors":[3673],"class_list":{"0":"post-34711","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-infrastructure","7":"emagazine-category-remote-working","8":"emagazine-category-safer-business","9":"emagazine-category-work-anywhere","10":"emagazine-tag-endpoint-security","11":"emagazine-tag-mobile-working"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/securing-home-workers\/34711\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/secure-futures-magazine\/securing-home-workers\/21698\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/secure-futures-magazine\/securing-home-workers\/14830\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/34711","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2552"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/35094"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=34711"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=34711"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}