REMOTE
WORKING DUE TO
CORONAVIRUS?
HERE’S HOW TO DO IT SECURELY
With concerns over the current Coronavirus (COVID-19) outbreak
and the need to keep at-risk staff away from the office has
brought working from home to the top of everyone’s mind. As
many organisations are enabling and exploring this opportunity,
it is important for users and companies to stay secure while
protecting everyone’s physical health. Paul Ducklin, Principal
Research Scientist, Sophos, has listed a few tips to keep users
safe while working from home.
any if not most
M
organisations have
already crossed
the ‘working from
home’, or at least
the ‘working
while on the road’
bridge. If you’re on the IT team, you’re
probably used to preparing laptops for
staff to use remotely and setting up mobile
phones with access to company data.
But global concerns over the current
Coronavirus (COVID-19) outbreak and
the need to keep at-risk staff away from
the office, means that lots of companies
may soon and suddenly end up with
lots more staff working from home
and it’s vital not to let the precautions
intended to protect the physical health
of your staff turn into a threat to their
cybersecurity health at the same time.
Importantly, if you have a colleague who
needs to work from home specifically
to stay away from the office then you
can no longer use the tried-and-tested
approach of getting them to come in
once to collect their new laptop and
phone, and to receive the on-site
training that you hope will make them a
safer teleworker.
It may be a case of setting remote users
up from scratch, entirely remotely which
could be something new to you. So
here are our five tips for working from
home safely:
Make sure it’s easy for your
users to get started
Look for security products that offer
a Self-Service Portal (SSP). You are
looking for a service to which a remote
Paul Ducklin, Principal Research
Scientist, Sophos
user can connect, perhaps with a brand
new laptop they ordered themselves,
and set it up safely and easily without
needing to hand it over to the IT
department first.
Many SSPs also allow the user to
choose between different levels of
access so they can safely connect
either a personal device (albeit with
less access to fewer company systems
than they’d get with a dedicated device)
or a device that will be used only for
company work.
The three key things you want to be
able to set up easily and correctly are:
encryption, protection and patching.
Encryption means making sure that
full-device encryption is turned on and
62 Issue 24 | www.intelligentciso.com