Teleworking and cybersecurity: Is your business properly protected?Blog, cybersecurity
1 juin 2020
Many employers have implemented teleworking since last March, a new reality that comes with its share of justifiable cybersecurity concerns. Does your company allow employees to work from home? Below, you’ll find an overview of the issues to consider to implement best practices in terms of operational security and reduce any potential risks.
Teleworking is here to stay
It’s important to keep the following three points in mind at the outset:
- Teleworking (also known as telecommuting, remote working or working from home) is a phenomenon that is here to stay. To the surprise of many, this approach to work is proving itself and delivering results with respect to efficiency and productivity. Already, many companies have even announced their intention to continue on this path over the medium to long term, or even permanently.
- The large-scale, sudden and unplanned transfer of corporate operations to employees’ homes has unfortunately opened the door to hackers, who take advantage of loopholes in poorly secured computer systems to carry out malicious acts. Indeed, we’ve recently witnessed a marked increase in phishing and hacking. Ransomware is also on the rise (an operation aimed at demanding a ransom in exchange for access to confidential information that would otherwise be deleted or shared publicly).
- Assuming that only companies operating in historically higher-risk areas should be concerned about cybersecurity is incorrect. Hackers no longer discriminate, and hackers are even taking over the systems of smaller companies.
With this in mind, it’s clear that protecting your business from cybercrime is more critical than ever. The key to properly securing your operations is simple: hardware (equipment) + software (applications) + users (employees).
Each of these three elements is essential because a chain is only as strong as its weakest link, as the saying goes.
Hardware and software: Are your computer hardware and software up to date?
First, let’s talk about hardware. Are your employees adequately equipped? As part of their duties, each employee who works from home should use hardware supplied by the company or work via a virtual office portal. When corporate computers are used for teleworking purposes, work should be avoid on a personal computer. Always keep in mind that sensitive data is easier to hack when it is on a personal computer, as such data is generally less secure.
Next, it is essential to use software tailored to the needs of SMBs. Many solutions exist on the market, but those offered free of charge to individuals shouldn’t be used for corporate purposes, because the protection they provide is often insufficient.
A host of connectivity practices have become must-haves, regardless of the type of infrastructure you have. If you aren’t fully operational in terms of cloud computing, then you probably have a hybrid infrastructure, a very common situation. In such a case, you must use the best identification methods for each infrastructure. For access to local servers, be sure to use a secure VPN connection. For cloud computing applications, two-factor authentication (by text, email or third-party authentication application) is the best option. In all cases, the use of complex passwords is strongly recommended. But these are only some of the best practices you need to implement. This is where BGR’s IT expertise becomes a valuable ally.
Users: Are your employees well trained?
No matter how powerful and efficient your hardware and software are, they’ll be useless if your employees use them carelessly. That’s why it’s so important to train every company employee properly on best organizational practices and to have a clear and strict policy on the use of technology in the workplace. Employers are responsible for providing such training.
BGR Informatique: Experts in making working from home safe
Are you unfamiliar with terms such as VPN, firewall, MFA, cloud computing and so on? Need help to protect your company’s operations fully? At BGR Informatique, we roll out 360º IT solutions for SMBs.
Get a free initial consultation today. Subsequently, we’ll perform a full security audit to pinpoint your company’s needs and offer you the most appropriate solutions. Ready to take action? Contact us now!
*Find out more about our employee cybersecurity training, which is currently eligible for a PACME subsidy.