10 tips to ensure IT security in the home office

/
/
10 tips to ensure IT security in the home office

Many employees have been sent home in a hurry and asked to work from home, but it is far from everyone who has installed a secure IT system for this form of work. 

It is not only important to have a secure IT system in the office, but also to reach your employees at home, as otherwise it can have major consequences for your company. 

Most employees use the work computer from home and log on to the same network. like the other private units in the home. Another scenario could be that the employee uses his own private computer to work on. 

These are two factors that help increase the risk that hackers can more easily access your company's sensitive information, which can quickly become an expensive pleasure to rectify. 

For example, the hearing aid company Demant was hit by ransomeware, which cost the company 600-700 million kroner and in general the threat is increasing, as more employees work at home.

Cyber ​​attacks cost Danish companies 600-700 million kroner and the threat is increasing. 

When hackers make a ransomware attack, they enter your computer without being detected. Here, they encrypt your data so that the system does not work, in order to blackmail the company. 

According to a new report from Check Point Research, over the past three months there has been a full 50% increase in daily cyber attacks compared to the first half of 2020. 

Based on the significant increase, Check Point therefore encourages Danish companies to focus on their IT security. 

10 Tips on How to Protect Your Business from Cyber ​​Attacks. 

To make homework and the company more secure, here are 10 important measures, some of which can be implemented quickly, while others require the development of both IT and security strategies, as well as new investments.  

Use cloud-based or cloud-centric security solutions for all IT security controls
Make sure your IT security check: network, web, email, endpoint, identity management, authentication, access management, SIEM / SOAR - works fully no matter where your employees are. This is where it's a really good idea that your company's IT system is cloud-based, where all your data is migrated and encrypted, which your employees can easily access when working elsewhere than in the office. 

2. Encrypted internet access with VPN
When you go to the internet on your computer, there is a risk that hackers can keep track of what you are doing. This underscores the importance of getting a VPN connection, which encrypts your online traffic and thus helps you protect. your personal information. 

3. Anti-virus program 
A good antivirus program, scans the files that you download from the Internet, warns you about suspicious websites and protects your personal account information etc.

4. IT security policy 
It is essential to have a proper and up-to-date IT security policy. 

It must contain management strategy, guidelines for how you should react to a cyber attack, as well as rules and guidelines for employees' digital behavior, which help to minimize the risk that a possible attack may be completed. It is a good starting point for what a good IT security policy should include. 

At the same time, it's a good idea to keep your company's IT department updated on the top 10 list of the most well-known attacks, to know what to include in your IT security policy. 

5. Secure your employees' mobile devices with Mobile Device Management (MDM)
It's about protecting and managing all your company's mobile devices, which you can do with MDM. With this software you get a good overview of the employees' activities and can thus ensure that they do not download malicious applications. 

6. Secure your online meetings 
Use a cloud-based communication tool such as Microsoft Teams, Zoom or Slack. When using these communication tools, also use their built-in security settings to avoid unauthorized access. 

7. Educate your employees in IT awareness 
We recommend that employees be taught safe digital behavior once a year. 

It is about having a clear process for employees, customers and partners, in relation to dealing with the security issues that they encounter.

As your employees are taught, they will avoid suspicious aspects to a greater extent and at the same time be extra aware of potential risks. In addition, there must of course be a process for collecting, managing, testing, examining and trading on their reports.  

8. Always update your software programs

  • Your operating system, such as Windows 10. 
  • Antimalware and antivirus.
  • Other third-party software such as Adobe Reader, Java and Chrome.  

9. Back-up, back-up and back-up again!
Tags back-up of your data, as often as possible. 

Create a back-up strategy. We recommend 3-2-1 Back-up Strategy. 
3. Make 3 copies of your data. 
2. Save the copies on 2 different storage devices. 
1. Save 1 copy to an off-site repository in the cloud. 

10. Use Multi-Factor Authentication (MFA) and different passwords
Without MFA, your data and applications in the cloud are more vulnerable to cyber attacks, as hackers can more easily access your data. 

We recommend using MFA, as with MFA you can log in to the systems with several devices if your mobile phone e.g. being stolen. 

Do you have questions about how we can secure your business? 
contact us non-committal today and let's talk about how we can help you get started on avoiding cyber attacks.