Many people are working from home nowadays. Paying attention to information and cybersecurity in this situation is crucially important. For example, working from home means an extra challenge to secure your organisation's network. Nomios recommends taking precautions where necessary and promoting safe working from home (or secure remote access) to your employees.
What you can do to ensure secure remote access
Many organisations are using VPNs to give access to their network from an external location. But have you asked yourself how safe a VPN is? It is often described as 'fake security'. A VPN encrypts your data but doesn't offer protection against phishing or other cyberattacks. Organisations are switching to network access control (NAC) solutions nowadays. NAC solutions are increasingly favoured over traditional VPNs due to their enhanced security features and adaptability to modern network environments
Make maximum use of multi-factor authentication and enforce the use of strong passwords. Optionally, set up additional monitoring and application security on applications essential to your employees to be able to work from home. Also, take into account that a possible overload or failure of these applications might take place.
It is advisable to give phishing schemes extra attention. There are themed phishing scams that deserve extra attention and should be known to your employees. This happened a lot during the COVID-pandemic. Make sure that employees know how to securely report these schemes when found. Take into account a possible increase in reporting and direct your incident response accordingly.
Advantages of NAC over VPNs for remote work
While VPNs have been a reliable solution for remote access for a long time, their limitations in security, access control, visibility, and scalability make them less suitable for modern, dynamic remote work environments.
- Enhanced security: NAC solutions enforce strict access policies based on user identity, device compliance, and real-time risk assessments. This minimises the risk of unauthorised access and lateral movement within the network, even if a device is compromised.
- Granular access control: It provides fine-grained access control, allowing organisations to limit user access to specific applications or services based on their role and context. This reduces the attack surface and prevents over-privileged access.
- Improved visibility and monitoring: NAC offers comprehensive visibility into all devices connecting to the network, enabling real-time monitoring of user activities and traffic patterns. This helps detect and respond to potential threats more effectively.
- Better scalability: These solutions are designed to scale more effectively than traditional VPNs, particularly in environments with a large number of remote users. They can accommodate growing remote work demands without compromising performance or security.
What can IT do to enable remote work
To improve working from home safely, the IT department should take several important steps. First, they need to provide the necessary network capacity to accommodate the larger number of home workers, which includes enhancing both the IT and telecom infrastructure. It is also essential to assess which employees should be in the office to support the IT facilities required for effective remote work. Additionally, the department should ensure that all options considered for enabling employees to work from home are thoroughly tested and regularly updated.
Installing the latest hardware and software updates is crucial to maintaining a secure and efficient working environment. Moreover, IT should remain vigilant about the potential increase in reports of phishing emails and fake communications, as these threats often arise with remote work. It is important to ensure that the organisation's guidelines regarding information security are current and well-communicated to employees, particularly concerning the use of hardware and software at home and the potential use of personal IT facilities. Finally, the IT department must verify that the remote secure access solutions being utilised are safe and effective.
What employees can do to improve security when working from home?
To improve security while working from home, employees should take several important precautions. First and foremost, it is essential to use a trusted and secure (wireless) network to minimise the risk of unauthorised access. Employees should also be prepared for (possibly) longer response times due to potential capacity issues, which can slow down applications and affect productivity.
Additionally, employees should remain vigilant regarding phishing emails, particularly those themed around current global trends or news. Cybercriminals often exploit these topics to send malicious emails or distribute malware. If an employee receives a suspicious email, it is crucial to report it to the management organisation immediately and to avoid responding to any phishing attempts.
Furthermore, employees should refrain from clicking on links in emails, opening unknown attachments, or entering personal information in response to emails from unknown senders. Adhering to the organisation’s guidelines regarding cyber and information security is vital. Employees should be mindful of the information they share at home and what they discuss in messaging applications or during video conferences.
Lastly, employees must follow the organisation’s guidelines concerning the use of hardware and software. This includes being cautious about using personal devices and peripheral equipment, as well as carefully considering the installation of applications. By taking these steps, employees can significantly enhance their security while working remotely.
Our team is ready for you
Do you want to know more about this topic? Leave a message or your number and we'll call you back. We are looking forward to helping you further.