Unlike restaurants and movie houses, companies that don’t provide in-person service were able to let their employees work from home during government-mandated lockdowns and shelter-in-place directives. As a result, these businesses were able to maintain a level of productivity that allowed them to stay afloat, if not remain profitable.
As the economy opens up and vaccines are distributed in Florida and across the country, people have begun returning to their offices in droves. However, it appears that work setups will still include remote work because of the many benefits it provides. Employees get to hunker down and focus on their tasks, be flexible with their time and accomplish personal errands, and avoid stressful hours-long commutes. On the other hand, employers enjoy increased productivity from their staff, wider access to far-flung talent, as well as decreased turnover thanks to greater job satisfaction.
However, permitting work from home setups brought about data security issues, which many companies had to learn from the hard way. Here are two big lessons firms must apply to secure their hybrid workforce.
Don’t let your hybrid workforce blur the line between the personal and the professional
In the rush to enable employees to work from home, companies permitted them to use their personal devices to accomplish job-related tasks. While expedient, this was also risky because:
- Those devices may already be infected with malware that may reach company networks.
- IT admins have a harder time implementing monitoring and access controls over different types of devices and operating systems.
- The apps people use to help with their tasks may not be vetted by IT admins.
- The security systems staff members use on their devices are often subpar to what the company uses.
- Home devices are usually shared among family members who may get to see sensitive company information that they’re not meant to see.
- Portable personal devices can be lost or stolen, allowing others unfettered access to open company apps.
- There’s a higher risk of staff using their personal accounts to transmit company info, and perhaps even missend such info to the wrong persons.
To mitigate these risks, you need to implement data management policies. For instance, you may want to require staff to submit the devices they plan to use for work for inspection and partial modification. That is, they must allow IT admins to create separate company accounts that could be monitored and controlled remotely. Monitoring software helps IT identify and nip suspicious behaviors in the bud, whereas remote control allows admin to block network access privileges of the corporate account without affecting the device owner’s personal account.
These measures not only help prevent accidental data breaches, but they will also make insiders with malicious intent think twice about stealing or compromising company data.
Beyond applying control measures on devices people use for work, you’ll want to train your staff so that they handle company data with utmost care and awareness of data privacy regulations.
Do implement identity and access management (IAM) protocols
With lockdowns eased, people are eager to get out of the house and work in cafes or other establishments with public Wi-Fi. These tend to be unsecure and risk exposing your data. And even when employees do remain at home, their Wi-Fi may also be vulnerable to interlopers, especially if their connections do not have the latest security updates.
Here is where IAM’s zero trust network access (ZTNA) can come in.
ZTNA assumes that firewalls and other network perimeter defenses have already been breached, and therefore no user inside that perimeter is to be trusted. Thus, IT admins clearly define the roles of each individual staff member and provide only the access permissions the latter needs to do their jobs. Then, admins keep sensitive data behind micro-perimeters that require users to go through multifactor authentication. These measures will help ensure that employees don’t get to see data from other departments, and also limit the scope of data breaches in case a staff member’s account is taken over by a cybercriminal.
Florida businesses trust HERO Managed Services LLC to keep their data safe from breaches. Schedule a consultation with us to learn more about how our data security solutions can help protect your business from all sorts of cyberthreats.
Leave a comment!