Securing Your Data Network for Work From Home (WFH) Teams
Remote workers, depending on their system set up, can provide a vulnerability for the business network. As many businesses have been completing quick and best effort set up, precautionary measures may not have been a consideration.
- Personal devices have access to the business network
- Machines could have outdated and unsupported software
- Many homes have older wireless, firewall, and router technology
- Businesses may have been opening up ports on the firewall for more flexibility
Any of these items alone provide vulnerability to the company network, more than one of these increases the chances of being caught up in viral and phishing schemes
Combine that with the possibility of anyone in the household clicking on an infected link, and it could quickly become bad news for your business network.
So in this conundrum in which we find ourselves, where does this leave you?
You need to provide social distancing; within your business walls, it may not be possible, and you don’t want to take the chance of risking your team’s health.
Small and Medium businesses need to be able to recuperate from this event, but how do you do that if you can’t at least keep the company running through these unexpected times?
If you decided the best option was to send your team home to work, you are not alone, but you do need to take precautions.
Own All the Devices
The most secure option is purchasing the devices and including them as part of your managed network or adding them to your managed services plan.
Unfortunately, that is a slower and more time-consuming option, that may not be a privilege.
Fully Managing Devices Access Your Network
Your second most secure option- fully managing the personal devices of your employees. So what does that mean? It means using the same network tools on personal devices that you would typically include on your business networks, such as anti-virus, email security, and remote monitoring and management tools.
The downside for your end-users, you remove the ability for administration on their device. So while this may be great for a business owner, it may not be appreciated by other end-users.
A secure socket layer virtual private network (SSL/VPN) to the device will provide a more secure connection than trying to create a VPN using the home router that was purchased 10-years ago and hasn’t had an update since it was installed.
These different tools create layer upon layer of various protection mechanisms to reduce the chances of someone hacking your network.
If you are using a managed services provider like TSAChoice, this would mean that these devices would need to be included in your managed services plan. If devices are outside of this plan, it isn’t possible to provide the type of security that under normal circumstances you expect for your business.
Require Best Effort Policies
All that being said, if the above options aren’t a possibility, you need to control what you can control. Remember, these steps are helping your business, but at the same time, they are protecting the team’s digital assets as well.
Before home users access your network you should confirm the following:
- Operating systems are supported and running current software
- Anti-virus is active and up-to-date
- Co-workers (and anyone in their household) understand best practices for email, passwords, security settings, and so on.
- Other devices on the home network relatively new and configured correctly
Most businesses that have disaster recovery and continuity plans were probably not prepared for something of this magnitude. If you need an additional perspective, we recommend that you reach out to your managed services provider or give us a call.