Home working: 5 Essential Cybersecurity Issues Every Business Needs to Manage

The disruption caused by Covid-19 has created a massive shift in priorities for almost everybody on the planet. Businesses are having to adapt to a home-based workforce, repositioning infrastructure and services to continue operating. In this post, we look at some of the significant business issues IT teams should be thinking about and provide some ideas on how to manage them for a smoother home working transition.

Ease of Accessibility

Social isolation is a new word that has entered our lexicon associated with home working, something that only a few did, but now nearly the entire world is having to do. In this shift, cloud-infrastructure has become the platform of choice.

Businesses should look to move their IT resources into the cloud if they have not done so already. Whether you use AWS, Google or use your own, cloud-hosted IT resources provide the flexibility organisations need to move to a home-based environment minimising disruption. Cloud-backed services also get the resilience and failover they need, giving business reassurance that services will remain accessible no matter what catastrophe befalls them.

Mitigate Small Issues for Big Gains

Managing workers dependency on IT teams is crucial in adopting a streamlined home working environment. At the start of any business transformation IT teams are focused on readying IT services, but having to manage mundane issues such as password resets is very disruptive and time-consuming.

Gartner estimate 20%-50% of all IT tickets are for password-related issues, costing businesses millions in lost time and money – and this will only increase as employees shift to home working. Putting mechanisms in place early to manage these issues is going to free-up IT teams, reduce lost time and keep business moving forward.

Products like self-service portals significantly reduce IT tickets while at the same time increasing the speed in which password issues are resolved. Products like LogonBox empower employees to reset/ change their Active Directory passwords, sync the changes to cloud directories such as Office 365, unlock accounts and even access web-apps all without helpdesk involvement.

Self-help solutions provide business with a 24/7 helpdesk, enabling employees to continue working while letting IT teams focus on keeping services running.

Enable Secure Policies

When working in any IT environment, especially environments with remote workers, enforcing a secure password policy is a must. The standard Active Directory complexity rules are a great option, requiring users to use complex configurations of symbols, letters and old passwords. If you are in a specific regulated sector such as health then complying with HIPAA policies is vital, and relying on a banned password list is going to be pivotal.

Self-service password reset software can enforce strict passwords even more stringent than Active Directory and search a database of banned passwords, preventing users from setting vulnerable passwords.

Securing Access with MFA

Securing access to applications when employees are outside of the company network can be difficult but using multi-factor authentication provides the reassurance that applications are accessed securely.

Employing multi-factor authentication provides the security business needs while still being easy to use for the user. Tools like Duo and Yubikey protect IT resources by using a second source of validation, like a phone or USB key to verify user identity before granting access. MFA ensures that your workforce is using the most secure ways of accessing IT resources no matter where they are without being challenging to use.

Rely on Technology for User Access

Most businesses use anywhere between 5-50 applications, to avoid users storing credentials to vital systems consider using secure authentication methods backed by protocols such as SAML 2.0. Having a central portal from where a user can securely log in to an application using MFA reduces the need for users to self-manage their credentials.

It’s crucial to centralise access control to applications where possible to easily suspend access across applications quickly for any reason regardless of where the user is.

Summary

There is a difference between being at home during work hours and working remotely in a way that keeps business operational. Make thoughtful, intentional decision to enable flexibility as a contingency plan to allow business continuity.

Global health emergencies are scary and disruptive if you plan to manage these disasters, and nothing happens, then, at a minimum, you have an organised business continuity plan the next time there’s a challenge.


Like that? Check these out: