It seems clear that remote- and hybrid-working are both here to stay. It also seems clear that the use of freelancers is going to remain high. Many freelancers work remotely. Even though their situation is somewhat different from the situation of employees, it still needs to be managed appropriately. With that in mind, here are three top tips on remote cybersecurity.
Have a policy on devices
If you have remote/hybrid employees then you should be providing any devices they need for work. You should take advantage of this to ensure that they’re always using devices that can support the latest security standards. As a rule of thumb, this means upgrading regular desktops/laptops at least every three years. Phones/tablets should be upgraded more often.
You also need to ensure that they have suitable IT support. Ideally, this should be from a company that understands not just SMBs but also your particular sector. For example, The LCO Group (owned by Kenny Natiss) specializes in tailored IT solutions for the financial services sector, the legal industry, and commercial architects and designers.
With freelancers, you do not have to provide either devices or support. If a freelancer is connecting to your network, however, you can and should lay down rules about what device(s) they can use.
Think about connectivity
Again, if you have remote/hybrid employees, then you have total control over how they connect to your network. In theory, you could have a dedicated work internet connection installed at each employee’s home. In practice, this would raise all sorts of logistical challenges and expenses.
The obvious solution, therefore, is to use a VPN. Employee devices can be configured to connect to this automatically. This gives a seamless user experience. Freelancers can be given suitable access to the VPN on the basis of need.
It is, however, advisable to think about whether or not freelancers really need access to your network at all. For example, could you build a specific website to host any resources they need? You can still keep this private by requiring people to log into it.
Remember physical security matters
When you think about cybersecurity, your first thought may be about remote hackers trying to penetrate your network. There is a lot of truth in this. It is, however, also true that effective cybersecurity depends on effective physical security.
What’s more, that applies even if no data is ever stored on local devices or media. This is certainly to be recommended. It will definitely reduce your exposure but it will not eliminate your cybersecurity concerns.
Realistically, the main cybersecurity threat for remote/hybrid employees and freelancers is simply being overlooked and/or overheard. This can be easily dealt with by exercising reasonable caution when choosing a workspace. In particular, you need to educate your employees to look over their shoulders before they activate any screen.
It’s also advisable to encourage, or even require, your employees to use headsets for any calls. This provides a lot more privacy. As a bonus, it tends to make for better call quality. With freelancers, you can simply make them responsible for maintaining the security standards you lay down. It’s in their interests to do this anyway.
No comments yet.