The global pandemic has forced many companies to transition to a remote workforce quickly. While working from home provides flexibility, it introduces new cybersecurity risks that organisations must address.
Employees are now accessing company networks and data from home networks and devices that are likely less secure than office ones. This amplifies the requirement for enterprise-grade security for home working, especially in regulated industries.
Enforcing strong authentication
Companies need to implement cybersecurity best practices to create an office-like experience for remote employees. We recommend enforcing strong authentication policies to prevent unauthorised access to networks and data.
Require employees to use unique and complex passwords for all work accounts. Choose passwords at least 12 characters long and include upper and lowercase letters, numbers, and special characters. Set passwords to expire every 90 days.
Also, mandate multi-factor authentication (MFA) for remote access and other sensitive applications. MFA requires users to confirm their identity with an additional step beyond just a password, helping to secure the network.
Securing connections with VPN
Providing remote access via a VPN is also critical to secure connections to company resources. A VPN encrypts all traffic between the employee device and the company network to prevent eavesdropping and “man-in-the-middle” attacks.
The VPN server should be set up behind the company firewall to restrict access to only corporate-approved resources. Remote users should not be allowed to access network parts meant only for on-premises users.
Training employees on phishing and malware
With more employees working remotely, businesses are more vulnerable to phishing scams and malware due to a lack of oversight.
Security awareness training is essential to help employees identify fraudulent emails and unsafe links. Employees should learn to avoid clicking suspicious links and never enable macros in documents sent via email.
Leveraging AI-Based endpoint security
Advanced endpoint protection using AI is also key. Solutions like SentinelOne detect and automatically prevent malware and exploits across all remote devices.
Its AI-powered Static AI engine inspects files and processes to identify malicious code. Dynamic AI observes system behaviour to detect and block techniques like file-less and in-memory attacks.
With employees working remotely on unmanaged networks, it’s vital to have endpoint security solutions that provide proactive protection powered by AI. SentinelOne secures employee laptops and devices against today’s most advanced threats, even offline.
Confirming financial transactions
Businesses need secondary confirmation controls for handling financial transactions before sending wire transfers, especially overseas.
Fraudsters often spoof executive emails, so confirming transfer requests via phone or video call reduces business email compromise scams.
With vigilance and advanced protections like SentinelOne, companies can secure data, devices, and employees during this unprecedented situation.
For advise on implementing enterprise security for home working please do not hesitate to contact us.