Strategies for Adapting to the New Remote/Hybrid Workforce
Many of us thought we would be back in the office by now and everything would return to the way it was before the pandemic. For most organizations that has not happened yet, and the workplace may never look the same.
One interesting trend that InvoiceCloud has observed is staff moving away from the office location, sometimes to a different time zone or country! Our system tracks logins from unusual locations such as a user working from an IP address in New York City one day, and a few days later from Paris. We have seen this happen multiple times and consequently reach out to the user to make sure this is legitimate. One hundred percent of the time it has been.
How will an ongoing remote/hybrid workforce impact your organization?
Your security program will need to take into account significant work being done outside the protected bastion of your offices. In the office you have firewalls to keep the bad guys out, and systems that keep an eye on your workstations and send an alerts to a server in the office to notify IT.
Here’s a common situation, how can you protect company laptops when staff is working at an establishment with unsecured Wi-Fi? Unfortunately, it is very easy to setup a fake Wi-Fi hotspot on a hacking computer and entice people to connect to it by giving it an inviting name like “Starbuckz High Speed”. Once connected, hackers are able to view all packets that go to and from the device. One proactive training solution is to have staff ask before connecting to any establishment’s hotspot for the approved name. If they are told that the establishment does not have a hotspot then they know the one they see is a fake!
Consider these tools to protect your staff and organization
- Use a Virtual Private Network(VPN) and set it up to send ALL traffic through it. If your VPN is onsite you will need to patch it regularly and manage it for uptime and security. There are hosted services (Software as a Service in IT speak) that take the headache out of this management.
- Do your security products download malware signatures and communicate alerts when staff are outside of the office? Again, a hosted solution may be a better alternative as it will keep the laptop up to date no matter where on the globe it sits, and you will get one central pane of glass to manage the clients and all alerts.
- Two must haves for workstation security are managed local disk encryption, and a managed local firewall. By being centrally managed, these systems will alert you if anything goes wrong with them, possibly indicating the system has been compromised.
- Another solution that you may want to consider is Virtual Desktops. This is especially true of users who are storing sensitive data on their local hard drive. It works by using the local computer only as a portal into a hosted virtual workstation that is fully protected in a cloud datacenter, and that connection is always encrypted. The big downside is that you must have a live internet connection to work on the virtual desktop. Maybe not a good solution for executives, but great for people that regularly handle sensitive data and are always connection while working like customer service staff.
This is not a comprehensive list but a starting point to approach security in this new world.