Industry Essentials: Remote working security best practices

July 28, 2023 | Cybersecurity
Will Shaw

Written by
Will Shaw

Remote work is now firmly established. Since the pandemic, businesses of all sizes and sectors have embraced hybrid work in some form or another.

This has numerous advantages for both businesses and employees. It can be more productive when properly organised, while also improving work-life balance and team morale. However, there are security risks must be identified and managed.

In this article, we will look at the most common risks associated with remote working, as well as the best practises that employers and employees should implement to stay secure and keep cybercriminals at bay.

Common security risks of remote working

Remote working is more than just providing employees with a phone and a computer at home. Remote work, by definition, involves some network traffic, data, and system access that occurs outside of the normal work environment.

When working remotely, multiple layers of cybersecurity may no longer exist. While your office network may have multiple layers of security, remote workers who have home Wi-Fi are deprived of these. Similarly, if they connect via an unsecure or public network, your office network may be jeopardised.

Away from networking, there are other less technical risks. Prior to remote working, all work devices were kept in the same physical location. This has now completely changed. Even small businesses will have a fleet of laptops, mobile devices, and tablets spread across multiple locations, meaning there are more endpoints to protect in more places. 

You may also implement a BYOD (bring your own device) policy. Without proper oversight, there is less control over everything from software updates to password strength and the sharing of unencrypted files.

This may all sound frightening, but it doesn't have to be. There are strategies and tools that businesses can use to achieve good remote working practises and, ultimately, secure their business and customer data.

Remote working best practices

The key word here is "control". You need quick and easy oversight of these risk areas. Fortunately, there are numerous solutions available to address the security risks of remote working. Now, we'll go over some of the major areas of concern, as well as some excellent solutions to address them.

Microsoft 365 security

Microsoft 365 is perhaps the most widely used collaboration tool in hybrid workplaces. You get the Office suite as well as remote access to cloud storage. You can also use Teams for instant messaging and video calls.

Its built-in security, on the other hand, leaves a lot to be desired. Octiga, one of our partners, is leading the charge in this regard.

Octiga covers a great deal while remaining extremely user-friendly. It provides a unified view of your Microsoft 365 security status, as well as simple best practise templates. 

Octiga implements security best practises through baseline templates, whether your employees are at their desk or at home. It serves as the eyes and ears for your Microsoft 365 security, giving you peace of mind that the entire suite of products is secure regardless of where it is accessed.

Password management

Unmanaged passwords pose a significant risk. If one of them falls into the wrong hands, it can cause untold harm. Because devices are more likely to be exposed to people outside the workplace when working remotely, the risk increases.

Password managers and encrypted password software are essential for password security and keeping cybercriminals out. Keeper Security software simplifies the secure storage and sharing of credentials, making it the ideal solution for remote employees to securely access the business accounts they need.

Cybersecurity training

Employers and employees must be informed and keep up to date about cybersecurity best practises. Giving your team the knowledge they need to spot a phishing attempt goes a long way towards keeping your company secure. We've learned from talking to many MSPs that simply discussing what a phishing attempt might look like a couple of times a year isn't enough. Cybersecurity training should be conducted on a regular and contextual basis.

KnowBe4 is the most comprehensive integrated platform for security awareness training and simulated phishing attacks. It's an excellent way to ensure that teams are regularly exposed to phishing attacks in a safe environment, making them far more capable of detecting a malicious email.

Updates and patching

Whether employees use their own devices or those provided by their employer, it is critical to update and patch software on a regular basis. Software patches and updates not only improve features, but also the software's stability and safety, all while working towards the never-ending goal of keeping business data secure. With BYOD, this can be a difficult task, but regularly training employees or implementing BYOD policies about software updates could be the solution.

Brigantia works closely with Heimdal due to their innovative technology for reducing cyber risk. Through cutting-edge technology, their next-generation cybersecurity protection can detect, hunt, and respond to cyber threats. Heimdal's modular and scalable solutions include a fully automated patch management system, making it ideal for keeping remote workers secure.

Brigantia’s support

Strong cybersecurity is critical for any business, but it can be difficult to implement, especially now that teams can work from anywhere. Through our extensive partner network and our experienced and knowledgeable product specialist team, we help businesses with all aspects of cybersecurity. Contact a member of the team if you have any questions or would like to learn more.

Please explore the Partner Programme and find which elements will best suit you by following the links below:
Are you an MSP?
Are you a VAR?
Request a Demo

Recommended reading

Browser-Based Threat Report from Conceal

Conceal's weekly threat report for the week of July 8th, 2024, unveils critical insights into the ...

Women in tech: the growing community in cybersecurity

In June, we headed to London for Europe's most prominent cybersecurity event – Infosecurity Europe. It was a ...

What I learned from the CompTIA UK and Ireland Community Meeting

Attending the recent CompTIA UK and Ireland Community Meeting last week was an insightful experience that ...