ManhattanTechSupport.com Rebrands as Homefield IT; Providing Strategic Technology Services Across the Country.

Learn More

How To Protect Your Distributed Workforce From Cyber Threats

Take a deep dive into how companies can deal with cyber threats with a multi-location team. Whether near or far, Manhattan Tech Support can help you ensure you’re not a victim of those sneaky hackers.

June 15, 2021Homefield IT

IT Consulting & StrategySecurityTech Support & Managed IT ServicesConstructionEducationFinanceHealthcareLegalNon-ProfitsReal EstateStartups

After over a year of working from home, a lot of companies are growing used to the idea that insisting everyone come into the office isn’t necessarily the best approach.

People are often way more productive when they’re able to work from where they want.

But, having a distributed workforce requires a little extra care when it comes to IT security since everyone is working with different setups at home.

Here’s what you need to know.

Protecting your distributed workforce

When everyone is in-house, cybersecurity is easier. Everyone’s using the same network, they’re in the same building, and they don’t have to use personal devices for anything work-related.

But, with a distributed workforce, you need to be more careful and aware of security with everything that you do.

Security training

This is the biggest thing you can do to keep your staff protected. Famously, it’s been reported that as many as 95% of cyberattacks are caused by human error. And, although that stat is a few years old at this point, people haven’t gotten much better. The problem isn’t that people aren’t safe, it’s that most of us are pretty distracted while we’re at work. We’ve always got a few things on the go, deadlines are tight, and when you add in the extra distractions that come with working from home, people can make mistakes and click on the wrong link without meaning to.

This is why security training is critical to keeping your business safe. Good security training for your staff needs to touch on all the important aspects of cybersecurity, like knowing what the current threats going around are, understanding how to spot a phishing email, good password protocol, and what you should do if you get hacked. You’ll also want to make sure that you take the training beyond theoretical and run phishing simulations to help drive home the importance of knowing what to watch for.

Virtual Private Networks (VPNs)

This piece of security infrastructure is a critical part of keeping a distributed workforce safe. VPNs are secure tunnels that allow users to gain access to your network infrastructure. They provide users with a way to log into a closed network (like your internal business network) securely, prevent private data from being visible on the open internet, and encrypt your data as it’s being used.

These are especially important in remote working situations because you don’t have much, or any, control over how someone’s home network is set up. Not only that, but if your customers are working from public WiFi networks, like from a coffee shop, library, or even a co-working space, you’re greatly reducing the likelihood of an attack.

Access control

When something does go wrong, having access controls in place can help limit the damage that is done. Systems like role-based access control (RBAC) make it harder for hackers to get into your entire network. This happens because RBAC ensures that users only have access to the parts of your system they need to do their jobs, and nothing else. That means the CEO has restrictions, the mailroom staff have restrictions, even your network teams have restrictions. You do this because you don’t want anyone person to be a major point of failure for your company.

If hackers could target a CEO and gain access to your entire network, you’d be in trouble (especially if your CEO is using a weak password). However, if they target your CEO and can only access a few parts of your network, the damage won’t be as bad. You can easily lock down the compromised sections and restore them from backup.

When there’s a situation where someone needs access to something they don’t normally use, you can grant them temporary access with credentials that expire once the project is done.

Enhanced security protection

With a distributed workforce, you’re not just watching one place, you’re monitoring every place that employees are working from. This means you need to have a security program in place that provides an exceptional level of protection.

Monitoring is a must as being proactive almost always results in better response times and outcomes. Having a dedicated security team (like with a manage security solutions provider) also helps by removing the task from your hands and passing it over to folks who live and breathe security.

Network monitoring

The best way to manage a cybersecurity issue or breach is to act as soon as it happens, not once it becomes a major problem. This is especially important with a distributed workforce because you may not be in the office to notice something has happened until it’s too late.  That’s where network monitoring comes in. Ideally, you’ve got someone watching your network for any suspicious activity 24 hours a day, seven days a week. The last thing that you want is to come back after a nice long weekend and learn that someone hacked your network at 6:05 on Friday night.

Physical security

Just like physical security is important when you’re in the office itself, it’s equally important for a distributed workforce. Making sure that your employees understand that they need to take extra steps to keep their working environment safe can save you a lot of headaches along the way.

Things like making sure that you don’t leave work laptops unattended in coffee shops or cars, using privacy screens when working in public (like on planes), and whenever possible, having workspaces that can be locked. Even small details like ensuring your computers are logged out when you step away from them for a moment can have a huge impact on the security of your confidential business data.

Disaster recovery and backups

It’s not something that you want to rely on, but having a plan B for when things go wrong helps a lot. Disaster recovery is often the best plan B. Disaster recovery gives you a way to quickly get back on your feet after an issue in a way that minimizes downtime and data loss. Not only does it cover you in case of an attack, but if someone is working in an area prone to natural disasters, like forest fires or hurricanes, you have backups ready just in case something happens.

Separate work and personal devices

This one isn’t always possible, but if you can, provide employees with separate devices for work. When you get into a situation where you’re using personal devices for work, you risk the safety of your business. People are always forgetting phones and other devices. They lose them, they get broken and need to go to repair shops. There’s always something. Every one of those moments is a time when someone could potentially compromise the security of your company.

If you can’t offer separate devices, you’ll need to ensure that you’ve got a rock-solid mobile device management platform (MDM) in place.  MDMs provide better security for phones and tablets and, if something does happen to the device, they can quickly and easily be wiped clean so hackers and criminals can’t get the data.

Need help keeping your distributed workforce safe?

There are a lot of little details that come into play when you’re keeping your distributed workforce safe and managing all those yourself while trying to run a business, can be tricky. That’s where managed services providers (MSP) come in.

An MSP, like us, can help you manage your workforce in a way that is secure but doesn’t restrict access or their ability to work, regardless of where they do their jobs. If you’d like to learn more about keeping your remote employees safe, let’s talk. We have over 20 years of experience keeping businesses protected and productive.

[sales-phone] | [email-address]

Related Articles

AI trends in IT management

calendar March 22, 2023

author Homefield IT

Artificial Intelligence Business Intelligence Cloud Services Cyber Insurance IT Consulting & Strategy Tech Support & Managed IT Services Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

AI trends in IT management

AI is on everyone’s minds these days. ChatGPT3 and OpenAi have brought what’s possible to the mainstream in a way we haven’t seen outside of movies before. If you’ve spent any time following the trends online, there’s a lot of praise for what’s possible, what could be possible, and what will be possible over the […]

Read More
Best Microsoft 365 features for 2023

calendar March 15, 2023

author Homefield IT

Business Intelligence Cloud Services IT Consulting & Strategy Software Development Tech Support & Managed IT Services Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

Best Microsoft 365 features for 2023

Microsoft’s office suite (now called Microsoft 365) has come a long way from its early days as a word processor and spreadsheet platform. These days, Microsoft 365 is a powerhouse of productivity tools that handle everything from word processing to email and everything in between. With all the products and features that come bundled into […]

Read More
Digital Trust – what is it and how does it affect your business

calendar March 8, 2023

author Homefield IT

Business Intelligence Cloud Services Cyber Insurance IT Consulting & Strategy Security Tech Support & Managed IT Services Telecommunications Construction Education Finance Healthcare Legal Non-Profits Real Estate Startups

Digital Trust – what is it and how does it affect your business

It seems we hear new stories about cybercrime every day. The stories range from huge ransomware attacks on hospitals to city infrastructure being compromised. It might seem like this isn’t something that you and your business need to worry about, but it matters more each day. Customers need to know that your business (and by […]

Read More