Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages

Remote working – safeguarding your data

As the COVID-19 lockdown persists, we continue our series of blogs relating to remote working and protecting your business communications. Here, we share some best practice and procedures to help keep your business safe from online threats.

Protecting your business

During this unprecedented period more employees than ever are working from home and, as a result, you are likely to be allowing many more different devices than before to connect to your network. This unfortunately increases the likelihood of a security breach occurring and presents an opportunity to cyber criminals.

Security breaches can take many forms, from deliberate hacking, to accidental loss of personal data, to phishing and malware threats, any of which could have serious detrimental consequences to your business.

To reduce risk, network infrastructure should be super strong and provide a high level of protection – but your network is only as secure as the clients that are connecting to it. We have created a three-point plan to help you stay safe whilst reaping the rewards of remote working.

Connect securely to safeguard any information that is accessed remotely – this will also protect the integrity of the device being used

 Firewall

Firewalls prevent unauthorized access by a third party to a private network. They create a buffer zone between your own network and external networks such as the internet. It is important to make sure your network has a robust firewall which is locked down to only allow access to permitted traffic.

Virtual private network (VPN)

A VPN allows you to create a secure connection to another network over the internet before sensitive data is sent. If using a third party VPN, make sure you have the technical ability to configure it yourself – also consider that if all employees use the same VPN connection that you may have inadvertently created a single point of failure.

Encryption

Data should be protected by being encrypted before being sent or stored. Complex algorithms conceal and lock your data packages, making them difficult to hack without the correct encryption key.

Educate employees on how to stay safe when using devices away from the office – this includes how to store devices safely and build up an awareness of potential risks

Access & authentication

Two-factor authentication, using a separate device like a mobile phone to prove your identity for added security, is one of the first and most important measures that can be implemented.

Password protection

When implemented correctly, passwords are a free, easy and effective way to prevent unauthorised access to your devices. Passwords should be easy to remember, but hard to guess. If complex passwords are enforced, then password expiration times may be extended or removed altogether. In fact, the latest guidelines advise that suitably strong passwords should not be changed periodically, but only in the case of a suspected compromised account. Always change default passwords before devices are distributed to staff.

Data protection

Data is shared everywhere with varying degrees of sensitivity to your business, its customers and competitors. The General Data Protection Regulation (GDPR) dictates that both businesses and individuals have an increased responsibility to protect data handling and storage. Strict processes must be observed to avoid severe penalties and fines.

Phishing & malware

We have already seen an increase in phishing attacks surrounding the COVID-19 pandemic. Cyber criminals are preying on people’s fears of the coronavirus and are using emails to try and trick users into clicking on a bad link by promising new information or encouraging them to donate money to what looks like a good cause. Ask staff to remain vigilant and share with them regular updates of recent and ongoing threats.

Lost property

Physical security of devices also needs careful consideration. Limit the amount of data stored locally on devices and encrypt hard drives as required in case a device is lost or stolen. Enable automatic screen lock PINs or passwords across devices where available.

Implement a specific Mobile Working Policy – this ensures sure all staff members, including those primarily office-based, understand their responsibilities when working remotely

 Principle of least privilege (PoLP)

Use the PoLP when configuring accounts. Make sure each user has the correct access to systems but that the level of permissions given is always the lowest needed to perform their job function. This will help reduce the impact should an employee fall victim to a phishing attack, for example.

Bring your own device (BYOD)

Flexibility in working practices has resulted in an increased number of employees wanting to use their own devices to access company data. IT departments must implement policies that govern the management of unsupported devices to ensure anti-malware software is up to date as some of these devices may have already been compromised or could be in future.

Collaboration software

All virtual meetings should be protected using a randomly generated password with screensharing restricted to only enable the host (or persons authorised by the host) to share content. Only share the view of relevant applications rather than sharing the entire desktop with attendees. GDPR legislation still applies to videoconferencing – anyone using a webcam must ensure no confidential or sensitive information is visible, for example confidential paperwork on a desk or data displayed on a whiteboard in the background.

Recovery & reporting

If there is a security breach or system failure, there should be a clear reporting procedure in place, this will include who to report a problem to, what action will follow, and who should be informed if data has been wrongly accessed or exposed. Encourage all staff to ask for help (regardless of their location) if they are concerned or think they might have been a victim of a cyber attack. Do not punish staff if they are accidentally caught out.

Get in touch

Having been awarded the highest cyber security accreditation available under the government-backed Cyber Essentials Scheme, the Incom-CNS Group are proud to uphold first-class security standards.

Whether you are an existing customer or not, we are experts in helping organisations work remotely and securely, so if you need assistance with anything mentioned above or other professional advice on keeping your business communications operational, our team can help. Please contact us on 0161 788 0000 or email service@incom.co.uk

Read more blogs in this series:

First steps for your emergency communications plan

Keeping the conversation flowing

Get in touch


0161 788 0000

We pride ourselves on offering businesses award-winning customer service and first-class advice on every aspect of business communications. We would love to learn more about you and your specific communications needs, so please get in touch.


Manchester University NHS Foundation Trust

The Trust has a long-standing relationship with Incom-CNS and considers them an important partner. The Mitel solution has delivered the increased resilience required for our critical services.

Premier Holidays

The Mitel solution from Incom-CNS has helped us to save money, improve our flexibility to manage seasonal demands, increase our efficiencies and deliver exceptional customer service.

The Range Superstores

Our customers can speak to the right person, first time, and this level of service sets us apart from the competition. In Incom-CNS and Mitel we have the perfect partnership.

Harley Medical Group

Throughout our relationship, I have found Incom-CNS to be very helpful and professional. I would not hesitate to recommend Incom-CNS to other companies.

Stafford and Rural Homes

The Mitel system from Incom-CNS will pay for itself in two years through significantly reduced management costs and savings on our telephone bill in the order of 20%.

Nine St John Street Chambers

We have worked with Incom-CNS for twenty years and trust their advice and technical capabilities. The Mitel platform is a reliable solution that meets our current and future requirements.

Ison Harrison Solicitors

Put simply, the Mitel Unified Communications solution deployed by Incom-CNS delivers less complexity, ease of use and a much lower total cost of ownership to Ison Harrison.

What we’re saying

3rd Jun, 2020

Wellbeing: Out of office

Read More
4th May, 2020

How to: Work from home

Read More
20th Apr, 2020

Remote working – safeguarding your data

Read More