In order to help employers in any company, large or small, Google explains what good practices they can implement for the security of your business when your staff works remotely.
Here are the 7 steps to follow to improve the security of your company on the internet especially if you are working from home.
1. Safer Logins Thanks To Two-Step Authentication: By setting up two-step verification, you greatly reduce the chance that someone will gain unauthorized access to your account. In our research, we have verified that an SMS code sent to a recovery phone number blocks 96% of massive phishing attacks and 76% of targeted attacks. In addition, security keys allowed to block 100% of massive phishing attacks and 100% of targeted attacks.
2. Keep Systems Up To Date: When possible, enable automatic updates to ensure you have the latest security fixes and built-in protections against malware and phishing. Automatic updating must be enabled for all the software that your company uses, as well as for the CMS of your website.
If automatic updating is not possible, periodically check for updates available. Avoid using applications that do not offer security options (for example, those that do not have an update option).
3. Keep A Backup Copy Of Your Company’s Website: The backup copy of your company’s website will be used to restore it and recover the original content. If possible, use the automatic backup feature and make multiple copies (for example, one online and one offline).
4. It Implements The HTTPS Protocol: HTTPS is a mechanism that allows a browser or an application to connect securely to a website. When you load a web page in simple HTTP, your connection is not encrypted, which means that anyone on the network can see any information that is transmitted and received and can even modify the content of the web before you see it.
On the contrary, with the HTTPS protocol, your connection to a website is encrypted so that no one can spy on you and the information you send to the website (for example, passwords or credit card data) will be private.
5. Train Employees: The training you provide your employees to learn how to be careful can improve the security of your company. It regularly offers training and resources, both general and specific; define clear rules and responsibilities for employees (for example, how to install and use the software); designs protocols for reporting incidents and security-related events, such as malware or phishing attacks, and rewards employees who report such incidents.
It is important to have guidelines for the use of social networks and the treatment of sensitive data (privileged access, restricted access by default and periodic audits).
6. Secure WIFI Network: Run a firmware update on the router. Make sure you have a strong password and consider replacing it, if you haven’t done so in a while, with a new, long and unique password. Remember to enable WPA2 encryption and enable the router’s firewall. If you have technically savvy employees, they should make the router ‘invisible’. This can be done from the panel of the router.
7. Use Of Work Devices: Communicate with your employees that they should avoid using work devices for private activities in order to reduce the risk of phishing and malware.
During the current coronavirus outbreak, people tend to look for up-to-date information on the spread of the virus and may unknowingly download malicious files that infect their working devices. Also, workers should use the screen lock even when they are at home, especially if they have children. Also, remind them not to share critical company information over unencrypted connections.