Niall Tuohy, Security Product Manager with Vodafone Ireland discusses network security

Great interview with Niall TuohySecurity Product Manager with Vodafone Ireland .

As more and more people are working from home, how can they handle smart devices?

Securing your smart devices is key to secure home working. For businesses who already have security built into devices, make sure your solutions are up-to-date and operating on the latest versions. At this time, you may want to add a feature so employees can clearly see when an email was sent from an external source.

Company devices should have a VPN or virtual private network so employees can access company email and applications, without risk, preferably with a two-step authentication process. Businesses may also want to blacklist certain websites and install more robust device management software for an added layer of security in these uncertain times.

It’s also critical to understand how data storage and backup work. Can you save and back up your local files to a corporate cloud solution? It’s important that you don’t back-up content to your phone or computer’s desktop as this could be easily hacked.

When this Covid-19 situation finally ends, should businesses set up security protocols that must be adhered to when working from home?

Absolutely. When we do emerge from the COVID-19 crisis, the working from home model will look significantly different. It is therefore critical for all companies to review and update plans and policies that specifically address the security behaviour and actions of employees and whether there is dedicated security training needed for staff. It is also important to understand what the level of awareness and consideration of security issues is across the company, especially when implementing new initiatives or working with partners on security preparedness.

Being cyber ready is about being aware and prepared for the threats present today and tomorrow. A business needs to be ready to react, respond and recover when the worst happens, not just trying to prevent it.

Will, what is happening now usher in new BYOD guidelines?

Quite possibly. It is recommended that all companies have robust guidelines around BYOD. Some companies are in a situation where employees need to use personal mobile devices for email and other tasks. People may also be working with a combination of personal and company devices as an interim step to ensuring business continuity.

The risk of data loss and exposure is significantly increased with BYOD. It’s therefore critically important that BYOD guidelines and protocols are reviewed and enhanced regularly.  This is because basic security controls may not be effective on mobile devices or non-company owned laptops when working from home. Well-developed BYOD programmes should be based on a clear understanding and an evaluation of potential data threats. These include mobile third-party applications, personal and corporate applications and unauthorised cloud-based storage applications.

Will working from home in the future be a major security risk?

No, not if business owners and employees act now to implement strategies and adhere to security guidelines to decrease the likelihood of cyberattacks. The nature of cybersecurity is that criminals have always adopted new ways to invade company and personal devices. Virtual private networks have become the new lifeline for many businesses, which is extending encrypted networks to our homes.

It is important for a business to do a full audit on where a threat could come from and put in place security structures to reduce the success of an outside attack.

There are sophisticated software packages and management tools available, which when implemented with the right security behaviours, will provide a robust defence for businesses fully adopting a smart working model.

For example, solutions such as Palo Alto Traps, can be easily sent to an employees’ device and provide enhanced support. Traps replace legacy antivirus and secure endpoints with a multi-method prevention approach that blocks malware and exploits, both known and unknown before they compromise laptops and other devices.

What security tips can you give to people who are working from home?

While we know that people are more cyber aware now than ever before, hackers are using these uncertain times as a prime opportunity for phishing and accessing personal and company information. Here are some steps to help people manage their security at home:

• Be vigilant – phishing emails may look like they come from an internal address, but if it looks any way unusual, it is important that you contact your IT department or the sender before opening the link. And be aware of free or limited offers from unknown parties and untrusted websites.
• Change your passwords – make sure your personal devices are secure by frequently changing passwords and not staying logged in to device/ platform when it is not in use. Remember that malicious attempts to gain entry to your WiFi are also possible. To mitigate this, and in terms of best practice, you should always change your home WiFi password from the generic admin password provided to a personalised one.
• Move to the cloud – where possible, make use of any cloud-based sharing platforms available to you to share files and edit online. Taking this approach will not only ensure your work is backed up, but it eliminates the need to download all of your files which are susceptible to ransomware attacks.
• Use your company – make sure you have access to your organization’s cloud infrastructure and can tunnel in through a VPN with encryption. This will make it difficult for your information to be hacked.