How To Maintain Security When Employees Work Remotely

In 2020, businesses scrambled to manage a sudden shift to remote work as city after city declared a state of an emergency. 

Plans—and mistakes—were hastily made. Ad-hoc solutions were implemented. IT departments, if they existed, were stretched far beyond their limits. In the background roared social and economic chaos.

As the dust settles after the largest public health crisis of our life, many small businesses are realizing they are never going back to “normal.” Instead, most organizations have concluded that a hybrid workplace (a combination of remote and in-office work) is the necessary shift to meet the changing needs of the modern workforce.

Remote Work Is On The Rise 

Remote work has been on the rise for well over a decade. A 2018 survey conducted by job search site Indeed found that 62% of Canadian companies offered employees an option to work remotely, and Global Workplace Analytics says that regular remote work in the U.S. has increased by 173% since 2005.

Flash forward to today, according to the Accelerating Digital Agility report, approximately 57% [of people] expect to be in the office 10 days or fewer each month and 98% of people believe future meetings will include remote participants.

Unsecure remote work poses a real threat to your business data

Supporting remote team members can create costly security vulnerabilities. Continue reading to understand how to prioritize and mitigate potential threats as employees continue to work remotely.

bulletproof_icon

“57% expect to be in the office 10 days or fewer each month and 98% people believe future meetings will include remote participants."

YOUR SMALL BUSINESS COULD BE A BIG TARGET

Despite the dust starting to settle on COVID-19’s threat to public health and safety.  Cybercriminals are still using this global health crisis to their advantage to try to steal sensitive data. They’re counting on cracks in your cybersecurity caused by a hasty retreat to home offices and a patchwork implementation of remote productivity software solutions.

Spear-phishing attacks—attacks that target a specific individual or organization—rose by nearly 700% in March 2020 over the previous month, leading many organizations to release public warnings about such attacks.

MYTH: MY SMALL BUSINESS WILL NEVER BE A TARGET

A misconception that many organizations have is that hackers are not interested in targeting small businesses. The opposite is true. Malicious actors are aware that small businesses are the least likely to have safeguards in place to protect themselves.

“As SMBs have adjusted their business models, the criminals have adapted their actions to keep in step and select the quickest and easiest path to their victims.” - 2020 Data Breach Investigations Report

The 2020 Data Breach Investigations Report revealed that “Credential theft, errors and social attacks were the three most common culprits in breaches. Employees working from home could be particularly vulnerable to these attacks. In these uncertain times, it makes sense to focus prevention efforts here."

Now that your people are protected, it’s time to ensure that your business data is protected, too.

Hacker Link Icon

Over 90% of all incidents can be traced back to mistakes such as clicking on malicious links...

Top 2 Security Considerations of Managing Remote Team Members

#1 PERSONAL DEVICES ARE AN ADDED CYBERSECURITY VULNERABILITY

As teams continue to work both remotely and in the office, the boundaries between work and home begin to blur. The reality is that some team members will also use home devices and networks for work purposes which double the number of endpoints malicious actors can attack.

While personal devices are not necessarily less secure than work devices, organizations will need to ensure all devices are secure.

Now, more than ever, SMBs can’t afford to absorb the consequences of a data breach. Smart companies will take this opportunity to be forward-thinking and implement future-proof solutions.

#2 Employees Need More Cybersecurity Training

Often organizations believe that if they invest in the right technology their business and data will always be protected. However, the platforms you use will only work as well as your team has been trained to use them. 

Over 90% of all incidents can be traced back to mistakes such as clicking on malicious links or attachments in emails, entering organizational login information into a fraudulent website, not keeping software up to date and fixing security holes, or losing devices and equipment.” 

Conducting training to change employee behavior, attitudes, and security habits is a necessary investment for all small businesses. This is more challenging in a hybrid workplace as “1 in 3 remote workers admit they feel overwhelmed by the need to keep track of all their account credentials, it is easy to see how apathy, short attention spans, and bad cyber habits are the true adversary of a secure network.” 

How Can Businesses Enable Secure Remote Work?

For remote workers, security and productivity must go hand-in-hand. If remote security policies cause frustration and wasted time for employees, they will simply work around them. Without employee education and participation, even the most robust security methods aren’t useful or effective.

Employees working from home (or, as public health restrictions ease, from shared spaces like coffee shops, airports, or libraries) must be able to stay compliant with security policies without interrupting their workflows. Businesses that are serious about maintaining security when employees work remotely must choose productivity software with built-in security, with neither feature treated as an afterthought.

Productivity Icon

If your security solution treats productivity as an afterthought, your employees will find ways to work around it.

Secure Remote Work Software Checklist

If your business is actively seeking a remote work solution that fosters security and productivity, this checklist may help narrow your search. If you’re currently relying on a patchwork of software solutions that leave dangerous gaps in your cyber defenses, this checklist can help you identify an all-in-one solution that can deliver productivity and peace of mind while eliminating the IT problems you’re facing today.

The right secure remote work software solution for forward-thinking businesses will:

Checkmark Icon Give you (at least) the basic essentials: email, calendaring, mobile document creation and collaboration, team communication, and file storage and sharing.

Checkmark Icon Work from anywhere that your employees choose to work, and from a range of devices for companies with BYOD policies.

Checkmark Icon Provide built-in tools for managing and authenticating users, including role-based access control.

Checkmark Icon Enable multi-factor authentication for enhanced remote work security.

Checkmark Icon Help protect users from phishing and business email compromise (BEC) attacks.

Checkmark Icon Help protect users from malware attacks.

Checkmark Icon Allow for the implementation of a data loss prevention (DLP) policy that can help monitor the transmission of sensitive information and prevent it from ending up in the wrong hands.

Checkmark Icon Give users advanced collaboration tools, including video conferencing, whiteboarding, team chat, direct calling, recording and automated transcription options for meetings, and real-time document co-authoring.

Checkmark Icon Provide all of the tools your business needs with a layer of embedded security that doesn’t inhibit productivity.

Secure Remote Work Solutions From Microsoft + Bulletproof

Microsoft 365 delivers an advanced productivity platform with built-in security features that can be scaled to your organization’s needs. Microsoft 365 can securely power remote workforces of all sizes, from small businesses with limited IT resources to enterprise organizations with thousands of employees.

Microsoft 365 includes*:

  • Windows 10 Business
  • Office 365, which is comprised of all the cloud-based productivity apps that power businesses across the world: Outlook, Word, Excel, PowerPoint, Publisher, and Access.
  • Exchange, which provides intelligent email and calendaring.
  • OneDrive, the intelligent file sharing and management app for seamless remote collaboration.
  • SharePoint, a mobile intranet that lets users easily build dynamic sites to share resources and content for projects, teams, and departments.
  • InTune, an integrated endpoint management platform that takes the risk and headache out of BYOD policies.
  • Teams, the collaboration platform that keeps remote workers productive and engaged with video and web conferencing, scheduling assistance, screen sharing, chat, whiteboarding, automatic transcription, and more.
  • Advanced threat protection and security features that help stop phishing and ransomware attacks, enable multi-factor authentication and conditional access and restrict the movement of sensitive data.
  • Even more intelligent tools to power both remote and on-site work environments, like Bookings and MileIQ.

*not all features available at all subscription levels

Diving Deeper Into Secure Remote Productivity With Microsoft Teams

Web and video conferencing apps have become more important in 2020 than ever before. In a time when being face-to-face with coworkers and clients is a threat to public health, finding ways to maintain interaction is critical.

Many users of web conferencing tools are finding that solutions that used to work just fine for occasional remote meetings simply aren’t cutting it anymore. It’s easy to ignore a conferencing tool’s shortcomings when you only need it once in a while. When it suddenly becomes your main (or only) method of team communication, those minor annoyances quickly become major problems.

Additionally, users have discovered that some web conferencing apps are putting their cybersecurity at risk.

One app that came under heavy scrutiny was Zoom, which came under fire for allegedly selling off user data to third parties as it saw fit. Zoom rewrote its privacy policy in late March 2020, but didn’t stop collecting significant amounts of user data. In early April 2020, security expert Bruce Schneier learned that Zoom for Windows could be exploited to steal users’ credentials and that Zoom was secretly displaying social media information to other meeting participants.

Video conferencing is just one of the many features of Microsoft Teams, which eliminates security concerns associated with tools like Zoom. Teams offers chat, calling, meetings, file storage, interconnectivity with the rest of the Microsoft 365 suite, compliance controls, advanced authentication capabilities, and more.

Some features of Teams that are exceptionally useful for remote work environments include a whiteboarding app for real-time brainstorming collaboration, automatic searchable meeting transcriptions, meeting time recommendations based on employee availability, and the ability to co-author files directly within the Teams app. All Teams features are protected by the same security protocols as Microsoft 365.

bulletproof_icon

Business conferencing app downloads rocketed up 90% in March 2020 compared to March 2019.

Find A Bulletproof Solution For Secure Remote Work And Get A Customized Deployment Plan

A lot of IT consultants can set you up with remote work tools, but no company can set you up for success and security better than Bulletproof. With more than two decades in the security business, it’s in our DNA. Protecting your privacy and data is built into everything we do.

Users on six continents trust Bulletproof to secure their networks, data, and people. Named Winner of the 2021 Partner of the Year Security Award by Microsoft [Global] and three-peat Microsoft Canada IMPACT Award Winner [2021-2019], Bulletproof is proud to be a Microsoft Gold Partner with twelve gold competencies. We look at everything we do through the lens of integrating productivity, enablement, and security into the solutions we develop—delivering value, protection, and peace of mind that others simply can’t.

MS_Partner_colour-3

Woman working in her living room with a laptop

How Secure Is Your Small Business? Take the Assessment. 

What are your small business's biggest cybersecurity risk factors? This SMB Security Assessment will reveal likely attack vectors and give you an instant, free security score followed by actionable suggestions to improve your overall security posture.

This assessment consists of ten questions about your organization's current cybersecurity practices. At the end of the assessment, you'll receive an instant cybersecurity score. We'll also send you a free personalized assessment within two business days.