Working From Home – How To Stay Secure
So your employer has let you work from home and now you're wondering “how do you stay secure?” There are more and more employees that are working from home nowadays and it's becoming the norm. I personally think is fantastic because it's lowering the number of cars that we have on the roads during peak times, which is a huge problem. You go along and there are five cars each with one person in them, instead of one car with five people in. There are more traffic and greenhouse gas emissions for no reason. Anyway, that's another story. What we're going to be doing today is discussing how to stay secure from both a business perspective, as well as from the freelancer remote workers perspective. Let's start with the freelancer.
For a freelancer to stay secure you need to make sure you've got fantastic anti-virus software. You need to make sure that you've got daily onsite incremental backups. Now when I talk about anti-virus software, I'm talking you're spending at least $100 a year on that anti-virus, any less than that is a waste of money and isn't going to be doing you any justice.
Once you've got your anti-virus in place it is a great idea to get some anti-malware as well. We use Malwarebytes and we find that it's fantastic. The professional version is definitely what you'd be wanting buy. Depending on the way that your environment's set-up, this might be something where your company is paying for these pieces of software and they're even managing them remotely, or it might be something were you're having to fork out a few dollars. Either way, they are definitely two tools that you have to make sure you have.
The tools that we use for anti-virus are upwards to $250 to $300 a year and we find that they're fantastic. Despite this, make sure to backup anyway. You want to make sure that your systems are working. If someone sends you a job to do and you don't have your system available, that is 100% dead time for you. You need to make sure that they are fully available, so having a daily incremental backup system is a must. Systems such as Acronis or StorageCraft will allow your system to back up, give you an alert if it didn't work and will sit unnoticed and backup each day. Whether it be every four hours or every 24 hours, they will keep you up and running and some give you some continuity with your deliverables.
VPN or a Virtual Private Network
Now that the software bits are out of the way it’s time for the network stuff. If your business is dealing with stuff that is confidential or could be misused in the wrong hands, it'd be a good idea to set-up what's called a VPN or a Virtual Private Network. This acts like a direct cord that connects from your office straight to your machine at home. You can do things such as share things, do printout in their office, send files across to your computer and you can see any of the shared drives that you would have at work while you're at home. Having a VPN is a business by business case, but it'd be a sensible idea if you're in any sort of corporate entity, dealing with confidential documents or if you're dealing with anything that is sensitive in nature.
Don't Do Anything Dodgy
Now your work is secure with anti-virus, anti-malware, backup and a direct connection, but you still want to make sure that anyone that's using this machine is only using it for work. If you have one of the kids jump onto it and they go to a site that they shouldn't, (such as a teenage boy checking out online gambling, they wouldn't be looking at anything else would they) you could be in trouble. If a dodgy site has an infection, there is a chance that it could flow through to your work, and that is not good for you. Make sure you're not doing anything dodgy or untoward on that system. That is now what we'll call the business system. Don't do anything else besides business on it.
It's even a sensible idea to make sure that other machines on your network don’t have viruses. Some can broadcast over the network and if your PC gets it won’t end well, so it's good to make sure that your computer is isolated. You can isolate your computer quite easy with a thing called VLAN. This might sound a technical now, but you can set-up it up so you have several different routers that go in a waterfall arrangement. This means that only specific computers can access certain devices. A local IT company that is managing your business should be able to jump in and help you get this set remotely and give you some more guidance.
The Business Perspective
Now let's jump onto the business perspective side. When you've got a new person connecting in and they're connecting in remotely, you want to make sure that they are secure, and you want to make sure that the information they're getting is only the information that they need. If they are to get infected, you're going to be up shit creek. Why? Well, you’re going to be stuffed if something happens on your work network, so make sure that you are protecting your digital assets. This is very important. You can do that through group policies in active directory, as well as making sure that remote workers are only accessing exactly what they need. Keeping daily backups of any of the files that they have access to will also keep you protected should something go wrong.
If your routers and network equipment are able to monitor when they connect in, you will be able to see the sessions that they have open. You can also have it set up so that when they authenticate they have to use multiple forms of authentication. This is called two-factor authentication. To do this they will have a password from their head, as well as a randomly generated code on their mobile phone. When they connect it locks them in so you will know that's definitely the user is connecting to your network.
Finally, now that you’ve got a layer of security on the network, as well as some analytics to be able to see what's going on, the next thing that you want to put in place is the ability to ensure the integrity of the work that they are doing. You need to be able to make sure they are reaching the benchmark against your current internal employees. There's lots of different screen capturing tools out there. They can give you a summary and audit trail of what they've been doing.
This will give you an idea that they are as productive at home, if not more productive than they are when they're in the office. My personal opinion and what I've seen time and time again is that along as you've got the right employee, they are always more productive when no-ones in the office. This isn’t a situation that can comfortably occur, so I find the next best thing is that when they work in their home office. Here they will become more productive than when they're surrounded by lots of people and lots of distractions.
I've got another podcast on that that you can look to about this topic, but the short of it is that working from home is a great situation. Get your employees working from home and secure. Reduce your carbon footprint. Be the person that's doing something for the environment, make it happen!