How to Build a Top-Notch Remote Workforce
The age of the remote workforce has arrived.
While the growing popularity of telecommuting may present new challenges for your operation, it also opens opportunities to get the best talent for the job without being limited by physical location. But How to successfully transition to this work environment and how to offer the best cybersecurity best practices?
We reveal Cybersecurity tips for staff working remotely and The best practices to work from home.
20% of remote workers say their biggest challenge is collaboration and communication, and 20% say it is loneliness
DEFINE YOUR HOME WORKSPACE
Establish a dedicated, quiet area of your home as your workspace. Doing so can help you define boundaries for when you’re working and when you’re off-duty at home, and it can help you get into the rhythm of work each day by stepping into your “office.”
ESTABLISH ONLINE MEETING ETIQUETTE
For conference calls, encourage the use of muting when not speaking and be sure to announce yourself and speak clearly. Video meetings are the best way to connect and collaborate remotely but can offer distractions — try to keep your room well-lit and look at the camera while speaking. It can be tempting to multi-task during online meetings, but other participants can tell if you aren’t focused — stay engaged and present!
LEARN TO USE IDENTITY & STATUS
To avoid distracting a busy colleague or wasting time by trying to reach someone who is unavailable, learn to check their presence status. Teams integrate with your calendar to automatically update your presence when “In a meeting”, but you should make it a habit to change your status to “Be right back” or “Do not disturb” so your colleagues know you when you can’t be reached. Setting status messages can provide even further context to your team.
Clearly communicate your availability schedule to your colleagues and use group chats to keep relevant team members up to date on project progress.
As they say, communication is key - especially when it comes to remote workforce success. Anyone who has ever experienced working remotely can attest to this statement. That’s why it’s essential that you have the proper channels in place to streamline information and open the door for transparency and communication among your workforce. Using an internal chat can enable quick and easy communication between employees. Video chat capabilities can also be an effective way to help ease the distance of a remote workforce, especially when used to conduct remote meetings. check our CloudPBX and CCaaS
ALIGN COMPANY CULTURE Build a Culture of Leadership Empower your remote workers by providing autonomy, rather than micro-management. Clearly communicate this expectation of autonomy with your management team as complications and wasted time can result from attempts at constant oversight and unnecessary questioning. Have Fun Don’t be afraid to mix work and play.
Set Clear Expectations and Responsibilities
The first step to onboarding your new employees should be to provide a comprehensive introduction to the company. Clearly communicate your company’s vision, mission, and values, as well as acquaint them with the rest of the team. Also, encourage workers to seek help and consult one another by establishing Standard Operating Procedures (SOPs). SOPs can include processes ranging from day-to-day tasks to business decision criteria. Each SOP should have an established owner/proxy relationship without a direct connection to the business owner. This will empower remote workers with the ability to make timely, efficient decisions when necessary.
Provide Training Opportunities Learning the various aspects of a new job can be overwhelming, which is why we recommend equipping your new hires with a welcome kit on their first day. By starting out with a solid foundation, new employees can feel a greater sense of support throughout the onboarding process. Be sure to include playbooks for internal processes, a list of online resources to use while in the field, SOPs, and access to the appropriate software tools to ensure a job well done. As an added bonus, tutorial videos on such tools can be extremely beneficial if the newcomer is unfamiliar with the software.
Cybersecurity tips for staff working remotely
We reveal how to stay safe online while working from home.
Amidst the coronavirus pandemic, many governments are moving into the “delay” phase of their strategy to fight the virus. This includes social distancing techniques including closing schools and asking people to work from home. Elsewhere, people are having to or opting to work remotely to self-isolate or to simply help slow the spread of the virus.
The internet era and progress in technology has made it trivially simple for many of us to carry out our regular duties from the comfort of our couch. In fact, many people already work full-time from the comfort of their homes or local coffee shop. That said, this luxury comes with its downsides, mainly by way of online security threats. Not only can remote workers have their own privacy put at risk, working from home could result in breaching company security too.
here, we reveal tips to help you stay safe online so you can do your job with peace of mind.
Online threats to remote workers
Before delving into the tips, let’s take a look at a few of the online threats that remote workers should be aware of.
Unsecured wifi networks: Most workers will be working out their home where they can secure their wifi. But some may have to use unsecured public wifi networks which are prime spots for malicious parties to spy on internet traffic and collect confidential information.
Using personal devices and networks: Many workers will be forced to use personal devices and home networks for work tasks. These will often lack the tools built into business networks such as strong antivirus software, customized firewalls, and automatic online backup tools. This increases the risk of malware finding its way onto devices and both personal and work-related information being leaked.
Scams targeting remote workers: We’ll likely see an increase in malicious campaigns targeting remote workers. What’s more, with many employees lacking remote work opportunities, we’ll no doubt see an increase in the prevalence of work-from-home scams.
Thankfully, armed with the right knowledge and tools, you can stave off many of these threats and continue getting your work done.
Note that before you take your own measures to protect your online security, you should check in with your employer to see if they have any protocols in place. In light of the COVID-19 crisis, many companies are hastily putting together work-from-home plans. They may be able to provide you with specific directions on how to handle certain aspects of cybersecurity and perhaps provide access to some of the tools you need.
Thankfully, even if your employer doesn’t offer such protocols, or if you are self-employed, there are some simple steps you can take to protect yourself while working from home:
Use strong passwords
Set up two-factor authentication
Use a VPN
Set up firewalls
Use an antivirus software
Secure your home router
Install updates regularly
Back up your data
Beware remote desktop tools
Look out for phishing emails and sites
Watch out for work-from-home scams
Use encrypted communications
Lock your device
Let’s look at each of these in detail:
1. Use strong passwords
It’s as important as ever to ensure that all accounts are protected with strong passwords. Unfortunately, many people still use the same password across multiple accounts. This means that all it takes is one compromised password for a criminal to take over all of your accounts. They take leaked usernames and passwords and attempt to log into other online accounts, a tactic called credential stuffing.
Passwords should be unique for every account and should comprise a long string of upper and lower case letters, numbers, and special characters. Clearly, it’s difficult to remember all these passwords, which is why password managers are such popular tools these days.
A password manager will create, remember, and autofill passwords for you.
2. Set up two-factor authentication
Having a strong password often isn’t enough, for example, if your credentials are leaked in a data breach. Two -factor authentication (2FA) and two-step verification (2SV) involve an additional step to add an extra layer of protection to your accounts.
The extra step could be an email or text message confirmation, a biometric method such as facial recognition or a fingerprint scan, or something physical, such as a USB fob.
3. Use a VPN
Many people are familiar with using a Virtual Private Network (VPN) to bypass geographic restrictions on streaming sites and other location-specific content. Indeed, since a VPN tunnels your traffic through a server in the location of your choice, it’s ideal for location spoofing.
But a VPN has another important role, and that’s improving your online privacy. A VPN encrypts all of your internet traffic so that it is unreadable to anyone who intercepts it. This keeps it away from the prying eyes of any snoopers, including your Internet Service Provider (ISP), government agencies, or hackers.
Note that using a VPN can slow down internet speeds. If you need to perform high-bandwidth tasks such as holding video conference calls, you need a VPN known for its speed and reliability considering options.
4. Set up firewalls
Firewalls act as a line defense to prevent threats entering your system, They create a barrier between your device and the internet by closing ports to communication. This can help prevent malicious programs from entering and can stop data leaking from your device.
Your device’s operating system will typically have a built-in firewall. In addition hardware firewalls are built into many routers. Just make sure that yours are enabled.
If you don’t have a built-in firewall or are looking for some added protection, there are plenty of third-party firewalls available.
5. Use an antivirus software
Although a firewall can help, it’s inevitable that threats can get through. Good antivirus software can act as the next line of defense by detecting and blocking known malware.
Even if malware does manage to find its way onto your device, an antivirus may be able to detect and in some cases remove it.
Norton, McAfee, and Bitdefender are some recommended options if you don’t already have antivirus software.
6. Secure your home router
Do you know if you changed your router password when it was first installed? Many people didn’t, leaving their home network vulnerable. It’s important to take simple steps to protect your home network to prevent malicious parties from having access to connected devices.
Changing your router password is a good first step, but there are other actions you can take. For example, you should make sure firmware updates are installed so that security vulnerabilities can be patched. The encryption should be set to WPA2 or WPA3. Restrict inbound and outbound traffic, use the highest level of encryption available, and switch off WPS.
7. Install updates regularly
Updates to device software and other applications can be a source of annoyance. But they really are important. Updates often include patches for security vulnerabilities that have been uncovered since the last iteration of the software was released.
In many cases, you can set updates to run automatically, often while you’re sleeping, so you don’t have to worry about downtime.
8. Back up your data
Data can be lost in a number of ways, including human error, physical damage to hardware, or a cyberattack. Ransomware and other types of malware can wipe entire systems without you having a chance to spot it
Clearly, there are plenty of reasons to keep your data backed up. While hardware backups are still an option, one of the most convenient and cost-effective ways to store your data is in the cloud. Cloud backup services come with a wealth of options enabling you to customize your backup schedule and storage options.
9. Beware remote desktop tools
Many employers will be allowing employees to access their work networks via Remote Desktop Protocols (RDPs). While this can be secure, a 2019 CheckPoint study found security problems with some of the most popular RDP tools for Linux and Windows.
If you have the option of choosing your RDP tool, you can check out our list of recommendations, with SolarWinds being our top choice.
10. Look out for phishing emails and sites
Phishing emails, as well as voicemails (vishing) and text messages (smashing), are used by cybercriminals to “phish” for information. This information is usually used in further schemes such as spear-phishing campaigns (targeted phishing attacks), credit card fraud, and account takeover fraud.
With the rise in the number of people working from home due to the coronavirus outbreak, no doubt there will be plenty of cybercriminals looking to cash in on the trend. It’s highly likely that phishing emails will target remote workers in a bid to steal their personal information or gain access to company accounts.
To spot a phishing email, check the sender’s email address for spelling errors and look for poor grammar in the subject line and email body. Hover over links to see the URL and don’t click links or attachments unless you trust the sender 100 percent. If in any doubt, contact the alleged sender using a phone number or email address that you find somewhere other than in the suspicious email.
If you do click a link and end up on a legitimate-looking site, be sure to check its credibility before entering any information. Common signs of a phishing site include lack of an HTTPS padlock symbol (although phishing sites increasingly have SSL certificates), misspelled domain names, poor spelling and grammar, lack of an “about” page, and missing contact information.
11. Watch out for work-from-home scams
As well as targeted phishing attacks, we’re likely to see an increase in work-from-home scams and other schemes that typically target gig economy workers. Many of these requests personal information or upfront payments before you can begin work. By the time you realize it’s a scam, the fraudster has ceased contact and stolen your money or taken over accounts.
If you’re looking for freelance work, use reputable sites that offer protection to both clients and freelancers such as Upwork and Freelancer. Never share personal information with a client that you haven’t thoroughly researched. And don’t work with anyone who requests an upfront fee.
Also, be on the lookout for pyramid and multi-level-marketing (MLM) scams as these are often well-disguised as legitimate and attractive work-from-home opportunities.
12. Use encrypted communications
Of course, there are times when you need to communicate with fellow workers, and it’s common for those emails to include sensitive information. If your company doesn’t already provide you with secure methods of communication, you may have to come up with your own options.
Thankfully, many mainstream messaging services such as Signal, WhatsApp, And Telegram come with end-to-end encryption as default or as an option.
Create a password required to join VideoConference rooms, and totally avoided usage of On-the screen keyboard while sharing the desktop, if you do this will allow the other person to see any passwords typed.
Need to use email? Encryption using mainstream email clients can be tricky, but there is the option to switch to specialized encrypted email.
13. Lock your device
If you do have to work in a public space, or if you live with people who you can’t share work information with, then it’s important to keep your device secure. Password-locking your device will usually encrypt its contents until someone enters the password.
If you’re looking for more protection, you can use an additional full-disk encryption tool.
Check List for Remote Workers.
Is multi-factor authentication (MFA) enabled?
Did employees receive guidance on how to use MFA (and authenticator apps, if applicable)?
Is conditional access enabled and configured?
Do you have the ability to remotely wipe company data from lost or stolen laptops and mobile devices?
Are you using whole disk encryption to encrypt the physical hard drive of company laptops?
Do you have an email security product in place?
Were employees trained to recognize and report phishing attempts?
Have you installed a web security app to prevent users from visiting malicious sites?
Have you set up data loss prevention policies and/or set applicable restrictions on external file sharing?
Have you created a remote work and data protection policy for employees to sign?
Have you conducted end-user training on remote security policies and best practices?
Do you have endpoint protection installed for all remote machines?
If you are subject to compliance regulations, do you have policies and procedures in place to ensure compliance?
Are employees trained to enforce those policies?
What is your incident response plan during times of company-wide remote work?
If you require support from any of the questions above, don't hesitate in communicating with our professional services.