Over here at Irish Tech News we are taking Covid-19 seriously and thankfully we all work remotely. But what about our readers who are not yet working remotely? Well, don’t worry we have you covered. Later this afternoon we will be publishing a podcast dealing with remote working and how you can implement it. For those of you out there who are already working remotely or just started working remotely, Sophos Ireland have five tips for working from home safely and they can be seen below..
5 tips to help your business deal with Covid-19
- Make sure it’s easy for your users to get started
Look for security products that offer what’s called an SSP, short for Self-Service Portal.
What you are looking for is a service to which a remote user can connect, perhaps with a brand-new laptop they ordered themselves, and set it up safely and easily without needing to hand it over to the IT department first.
Many SSPs also allow the user to choose between different levels of access, so they can safely connect up either a personal device (albeit with less access to fewer company systems than they’d get with a dedicated device) or a device that will be used only for company work.
The three key things you want to be able to set up easily and correctly are: encryption, protection and patching.
Encryption means making sure that full-device encryption is turned on and activated, which protects any data on the device if it gets stolen; protection means that you start off with known security software, such as anti-virus, configured in the way you want; and patching means making sure that the user gets as many security updates as possible automatically, so they don’t get forgotten.
Remember that if you do suffer a data breach, such as a lost laptop, you may well need to disclose the fact to the data protection regulator.
If you want to be able to claim that you took the right precautions, and thus that the breach can be disregarded, you’ll need to produce evidence – the regulator won’t just take your word for it!
- Make sure your users can do what they need
If users genuinely can’t do their job without access to server X or to system Y, then there’s no point in sending them off to work from home without access to X and Y.
Make sure you have got your chosen remote access solution working reliably first – force it on yourself! – before expecting your users to adopt it.
If there are any differences between what they might be used to and what they are going to get, explain the difference clearly – for example, if the emails they receive on their phone will be stripped of attachments, don’t leave them to find that out on their own.
They’ll not only be annoyed but will probably also try to make up their own tricks for bypassing the problem, such as asking colleagues to upload the files to private accounts instead.
If you’re the user, try to be understanding if there are things you used to be able to do in the office that you have to manage without at home.
- Make sure you can see what your users are doing
Don’t just leave your users to their own devices (literally or figuratively).
If you’ve set up automatic updating for them, make sure you also have a way to check that it’s working, and be prepared to spend time online helping them fix things if they go wrong.
If their security software produces warnings that you know they will have seen, make sure you review those warnings too and let your users know what they mean and what you expect them to do about any issues that may arise.
Don’t patronise your users, because no one likes that; but don’t leave them to fend for themselves, either – show them a bit of cybersecurity love and you are very likely to find that they repay it.
- Make sure they have somewhere to report security issues
If you haven’t already, set up an easily remembered email address, such as security911 @ yourcompany DOT example, where users can report security issues quickly and easily.
Remember that a lot of cyberattacks succeed because the crooks try over and over again until one user makes an innocent mistake – so if the first person to see a new threat has somewhere to report it where they know they won’t be judged or criticised (or, worse still, ignored), they’ll end up helping everyone else.
Teach your users – in fact, this goes for office-based staff as well as teleworkers – only to reach out to you for cybersecurity assistance by using the email address or phone number you gave them. (Consider snail-mailing them a card or a sticker with the details printed on it.)
If they never make contact using links or phone numbers supplied by email, they are very much less likely to get scammed or phished.
- Make sure you know about “shadow IT” solutions
Shadow IT is where non-IT staff find their own ways of solving technical problems, for convenience or speed.
If you have a bunch of colleagues who are used to working together in the office, but who end up flung apart and unable to meet up, it’s quite likely that they might come up with their own ways of collaborating online – using tools they’ve never tried before.
Sometimes, you might even be happy for them to do this if it’s a cheap and happy way of boosting team dynamics.
For example, they might open an account with an online whiteboarding service – perhaps even one you trust perfectly well – on their own credit card and plan to claim it back later.
The first risk everyone thinks about in cases like this is, “What if they make a security blunder or leak data they shouldn’t?”
But there’s another problem that lots of companies forget about, namely: what if, instead of being a security disaster, it’s a conspicuous success?
A temporary solution put in place to deal with a public health issue might turn into a vibrant and important part of the company’s online presence.
So, make sure you know whose credit card it’s charged to, and make sure you can get access to the account if the person who originally created it forgets the password, or cancels their card.
So-called “shadow IT” isn’t just a risk if it goes wrong – it can turn into a complicated liability if it goes right!
Most of all…
Most of all, if you and your users suddenly need to get into teleworking, be prepared to meet each other halfway.
For example, if you’re the user, and your IT team suddenly insists that you start using a password manager and 2FA (those second-factor login codes you have to type in every time)…
…then just say “Sure,” even if you hate 2FA and have avoided it in your personal life because you find it inconvenient.
And if you’re the sysadmin, don’t ignore your users, even if they ask questions you think they should know the answer to by now, or if they ask for something you’ve already said “No” to…
…because it might very well be that they’re asking because you didn’t explain clearly the first time, or because the feature they need really is important to do their job properly.
We’re living in tricky times, so try not to let matters of public health cause the sort of friction that gets in the way of doing cybersecurity properly!
Sgt. Phillip Esterhaus in the 80’s TV show had a saying that is very fitting today, “Let’s Be Careful Out There.” So please don’t take any unnecessary risks and don’t forget to listen in to our latest podcast about remote working which will be published later today.
More about Irish Tech News and Business Showcase here
FYI the ROI for you is => Irish Tech News now gets over 1.5 million monthly views, and up to 900k monthly unique visitors, from over 160 countries. We have over 860,000 relevant followers on Twitter on our various accounts & were recently described as Ireland’s leading online tech news site and Ireland’s answer to TechCrunch, so we can offer you a good audience!
Since introducing desktop notifications a short time ago, which notify readers directly in their browser of new articles being published, over 30,000 people have now signed up to receive them ensuring they are instantly kept up to date on all our latest content. Desktop notifications offer a unique method of serving content directly to verified readers and bypass the issue of content getting lost in people’s crowded news feeds.
Drop us a line if you want to be featured, guest post, suggest a possible interview, or just let us know what you would like to see more of in our future articles. We’re always open to new and interesting suggestions for informative and different articles. Contact us, by email, twitter or whatever social media works for you and hopefully we can share your story too and reach our global audience.
Irish Tech News
If you would like to have your company featured in the Irish Tech News Business Showcase, get in contact with us at [email protected] or on Twitter: @SimonCocking
More about Irish Tech News
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.