Offices are opening more and more, and a large number of professions are flexibly re-adjusting to the new digital reality. Remote work - from home, during a vacation or even a pandemic - is an increasingly realistic possibility. It is worth looking at it from different sides, and you should analyze it according to your personal priorities - as an employee, employer or freelancer. In this text, we focus on the point of view in aid of small and medium businesses, where we can offer experience, specific solutions, partial and complete services.

Rules and Policies

They are a consequence of IT decisions already taken and a mandatory part of the principles for their successful use. We start with them because they are the ones that get postponed or neglected, and it is important that they are considered as part of an overall process to achieve secure remote work.  

Regular information and training of your team is essential for effectiveness in this remote way of interaction. In addition to basic training, introduce rules and policies and require them to be followed. Only then does the resource you invest in telecommuting opportunities make sense.

Here are some tips for employees with remote access at work that you can implement in your company security policy:

• Avoid using public Wi-Fi, and if necessary - create a hot spot connection from your phone. Keep in mind that many other people are probably using the same network and the potential risk of phishing is high. And if someone is interested in monitoring your traffic in your work environment, you make it very easy because public networks are not secure.

• When working in a public place, limit visual access of other people next to the device screen and hands. Otherwise, your password can be identified and used.
• Use company computers, whose software and/or applications provide a reliable working environment. While the personal computer is sometimes the more tempting machine to work with, it is also the riskier one. Operations such as regular updates of the required class, anti-virus scans, blocking of suspicious sites, etc. are hardly carried out on it.
• Build a relationship with the IT department (or the external support team) for better information exchange, helpful tips and security problem reporting. Sometimes, in an attempt to deal with a problem on their own, employees create an even bigger one. Timely communication with the operational contact has the advantage of providing peace of mind and quick response to a problem.

Train on innovations and address regular, reminder communication to employees. No matter how strongly worded the rules and policies are, certain inconveniences or simple forgetfulness can lead to damage related to company information. Find a suitable option to put company rules on the agenda again and again.

Remote access protection and security

Although you have established rules for employees, met with understanding and monitored their compliance, there is still a risk of malicious access by outsiders. Therefore, it is necessary to aim for a complete solution that will ensure problems arising from remote work.

We highlight two of the directions in the big topic of security and protection, which are completely in your hands - networks and data storage.

Data accessibility is the first that every user thinks of. One popular secure solution is to introduce a remote access via VPN (secured network connection). This provides flexible connection to different platforms – web pages, email or file server, etc. and protects traffic to company data. Note that not all VPNs require a large outlay. Best assess your needs and the level of privacy you need.

Another idea is to set up encrypted connections on a remote desktop or other separate server. Many of these connection types (RDP, HTTPS, SSH) include encryption as part of the service technology and do not require an additional VPN or other encryption service, but require prior setup to enable security.

Sometimes the company decides to organize an opportunity for employees to work even from their personal computers. This is done by accessing cloud servers and services such as Microsoft Office 365. One of the many benefits is that it avoids downloading or syncing files or emails to a personal device.

Data storage is a topic with current developments literally every day. In general, the options are: storage in the cloud or on the server with the office. The choice of solution largely depends on the nature and dynamics of work. For example, with smaller volumes and information transfers, it is very common to have your own server and access it via a VPN connection. It is increasingly popular among companies to prefer working in the cloud on a subscription basis because of the numerous configurations it gives for potential job growth. Maintaining your own cloud system is typical for large companies or for those developing and maintaining such a service.

• Transparency when transferring data during remote work is also an important point of the company's overall IT policy. You can add a solution for data leakage protection (DLP), with which you can control who processes and exchanges what information, as well as know how well your employees are working in remote mode.

   

• Professional reantivirus protection and monitoring on the computer, would in certain cases provide a degree of response, albeit incomplete. If an improved type of monitoring is not possible, there are other solutions. We recommend that you discuss them with specialists.

   

• The regular data backup, updating anti-virus programs and equipment prevention are important activities that we advise you to entrust to experienced IT teams or a reliable external contractor. They are part of your company's overall security and protection solutions.

Remote work presents a unique information security challenge for both you and your employees. When in the office, they operate behind layers of preventative security controls. While these solutions aren't perfect, a potential security breach is more difficult. Therefore, taking meaningful IT solutions to provide a remote environment are solutions with a future, and the principles of their implementation must be established and systematically controlled practices among employees.

If you are interested in customized IT solutions to make your business more flexible in different circumstances, Contact us. We will take the necessary time to research your needs and offer appropriate, reasoned options.