29-May-2020
Information security should always have top priority in the home office as well. For every remote employee, whether permanent employees, external (permanent freelancers), partners or service providers, companies have a duty to define and apply security strategies so that they can perform their business tasks and remain productive while keeping the risk of cyber-attacks low.
IT security should never be too complex for your employees to apply individual measures. It is important to raise awareness of digital security, especially currently when there has already been an increase in phishing attacks. Attackers may take advantage of the current situation, so stay extra vigilant about phishing emails and frauds.
Secure communication across multiple locations
When employees access applications or systems from remote locations, the communication between the devices must be secure - either via protocols such as HTTPS or via a corporate VPN.
For remote workers, secure access to corporate applications from the home office is critical. helps to provide the appropriate access methods and technologies to (authorized) remote employees automatically.
The principle of least privilege applied here means that only the minimum privileges granted by an end user, application, service, task or system to perform assigned tasks. This prevents "over privileged access" by users, applications or services without compromising productivity or involving IT.
Hybrid, Public, Private Cloud or SaaS?
If you and your employees all need to access business-critical systems, applications, infrastructure and data from the home office, a hybrid scenario may be appropriate, with some business applications running on premise or in the corporate data center, others in a private or public cloud, or the applications running on Software as a Service (SaaS). Depending on the appropriate model, it is always critical that remote workers can securely access the business applications they need, regardless of their location.
Checklist for secure access & applications in the home office
- Set upVPN solutions that can also maintain a large number of simultaneous connections
- Provide secure videoconferencing capabilities for both audio and video with robust audio and video capabilities
- Ensure that corporate business applications are only accessible via encrypted communication channels (SSL VPN, IPSec VPN)
- Rely on multi-factor authentication mechanisms on corporate application portals
In the current situation, you should be particularly vigilant with regard to e-mails in which you are asked to check or renew access data. Even if they seem to come from a trustworthy source, please try to verify the authenticity of the request.
Do not click on suspicious links or open suspicious attachments.
Also, be especially vigilant about emails from people you do not know, asking you to connect to links or open files. If in doubt, report this request to the relevant security officers.
Mails that give an impression of urgency or serious consequences are important candidates for phishing - in these cases you should always check via an external channel before you comply.
- Send sensitive company information (e.g. by email) only over secure connections
- Be especially careful with e-mails that refer to the Coronavirus or Covid, as these may be phishing attempts or scams.
If you are in doubt about the legitimacy of an e-mail, always contact the relevant security officers.
- Data at rest (e.g. local drives) should be encrypted to protect it from theft and possible loss of the device
- Do not share call and conference URLs in social media or other public channels so that only authorized people can access your corporate meetings
In a digital, networked world, working from home is much harder without comfort. Therefore, here are a few tips for working more comfortably and safely from home:
- Invest in good headphones or a good headset with microphone.
You may now be able to communicate even more frequently with customers and colleagues because you cannot meet at short notice. So make sure people can hear you clearly from the home office during conference calls, video calls, webinars, presentations and maybe even podcasts. Poor audio quality, echoes, background noise or distant voices are certainly something we can all do without.
Headphones also prevent others from listening in on your conversations. Keep in mind, that in your home office, you have confidential conversations whose contents may be critical to your business - and the privacy in a thinly walled apartment in an old building does not necessarily match the one at your office. By the way, many remote workers find so-called over-ears the most pleasant. If possible, close the doors and windows to your workspace before dialing into your next web conference.
Communication in general. We have a variety of technical options for staying in touch with partners, customers and colleagues. In addition, this contact is essential in times when you cannot physically meet each other. Online meetings, messaging, audio and video formats, and collaboration tools make working in distributed teams more efficient and easier.
Important factor of personal job satisfaction: further development
With all remote working, it is important to pursue professional and personal education. Acquire new skills and find new ways of working effectively that will help you in your daily tasks. These can be methods of work organization, but also exercises to focus. You might find the time to listen to a podcast about security technologies or collaboration. Currently there is also a wide range of interesting webinars and online courses offered by industry associations.
Productivity during the lockdown
Teleworking requires self-discipline and organization. Some people work better with a fixed plan that is strictly adhered to, others perform better when they are completely free. In the current situation, it is a privilege for most people to be able to work at home and not have to travel, which makes them more productive because it allows them to focus on what is important.