IT security in the Home Office – this is what companies must pay attention to
The concern of many people about the spread of the coronavirus, as well as the stricter measures taken by the Swiss Federal Office for Health (SFOH) on 13.03.2020, are prompting many companies to have their employees work from home office. Security at the home office is an option that cannot be dispensed with today. Learn more about security aspects that you should pay particular attention to.
In recent days, many employees have been instructed to work from home. The rapid transition from the office to the home office can bring with it some security risks. We show you what measures you should take to ensure IT security in your home office.
Determine the end device protection of your employees in the homeoffice
The current situation has meant that not all companies have had enough time to equip their employees with the right equipment. Many people therefore work with private end devices and access the business environment via VPN. With the so-called BYOD concept (Bring your own device), companies have very few control options. A major risk lies in the fact that the notebooks’ operating systems are not up-to-date and no virus scanners have been installed. In such cases, viruses can jump onto business environments, spread further or encrypt data.
For this reason, when using home office with private end devices, make sure that
- an up-to-date anti-virus software is installed,
- the operating system is up-to-date and
- the workstation is regularly scanned with the anti-virus software.
Install a 2-factor authentication (2FA)
With 2-factor authentication you ensure that only you and your employees have access to the business data.
Formulate guidelines for ensuring data security
In order to guarantee the personal rights of third parties in the home office as well, specific protective measures are necessary. We therefore recommend that you formulate guidelines for ensuring data security, depending on how sensitive the data processed by your home office employees is.
If possible, a separate lockable room should be set up for a home office that complies with data protection regulations. To prevent unauthorized persons from accessing the business data, the notebook or any other terminal device must always be locked when the workstation is not occupied by the employee. Data media must also be protected against unauthorized access. Your employees should also ensure that business telephone calls are made out of earshot of third parties.
Inform your employees about possible cyber attacks
There are currently many spam mails from hackers in circulation, targeting information needs in the middle of the corona crisis. As a result, numerous websites have now also been forged. Anyone who clicks on a link in the spam mail falls into the hackers’ trap. In the background, a program is started with which recipients unknowingly download malware. Hackers use this malware to steal information such as mail, names and passwords or start to encrypt data in order to extort ransom money. In addition, hackers can monitor the user behavior of your fellow users and collect hidden screenshots. Even the connected camera can be activated without the employee’s knowledge.
Therefore, talk to your employees about these risks and ask them: