Best practices for data safety in a remote work environment

Do you have staff working from home? Of late, due to the Coronavirus crisis a lot of businesses shifted to the remote working environment. While it raises some data security concerns, they can be overcome by following a few best practices.

Formulate rules
You can start by formulating rules that define the extent and manner in which personal devices may be used for work purposes.

• Who are allowed to use personal devices for work?
• Spell out the regulations that they must follow. For example, regular checks for malware and updates to anti-malware software, etc.,
• If there are restrictions to the device type, software or operating systems that may be used, out of security concerns, then that should be addressed.

Focus on the 2 Ts of cybersecurity

• Train your staff: The first T is training your staff on how to identify IT threats and cybercrime activities that they can be a victim of. Examples include phishing emails, dubious attachments, clone sites, etc., Another area to train your staff is free/public wifi. They need to know that public wifi can be a gateway for hackers and cybercriminals into your system. Accessing emails from the airport’s waiting lounge or the mall’s food court, can expose your business to IT threats.
• Teach good password hygiene: This is the second T. Help your employees understand how important password strength is. They should be able to identify weak passwords and steer clear of them. Also, they need to know that no matter how urgent the situation seems, password sharing is not acceptable. Similarly, mistakes such as repeating the password for multiple accounts, not changing the passwords frequently, etc., can make a cyber criminal’s job easier.

Keeping things under control

You can conduct monthly audits of the devices your employees will be using for work purposes. Arrange for regular security patch implementation, firewall installation and software updates. Install quality anti-malware software, firewalls, and make sure email security systems are in place. Even in the remote environment, you can ensure appropriate data access through role and permission-based access control measures.

All of this may seem new, and tedious, especially for businesses that are looking to recover from the effects of the on-going pandemic, which is why it is a good idea to team up a managed services provider to help set up a strong, secure, work-from-home environment for your business.

How safe is your data when your staff works from home?

The Coronavirus crisis has changed the world as we know it. With social distancing, lockdowns and work from home becoming the new normal, cyber criminals are exploiting the situation to their gains. This whitepaper discusses how the cyber crime landscape is likely to shape up in the post-pandemic world and how businesses can safeguard themselves against it.

One of the reasons for a sudden spike is cyber crimes is the work-from-home model that is increasingly becoming the norm. When you allow remote access to your data, you are virtually opening your IT infrastructure to criminals–unless you have the right security measures. It is easy for malware and hackers to get into your system and corrupt it unless you have the right measures in place.

With employees operating from home, there are a lot of loopholes that cyber criminals target. Some of them include

Lack of knowledge
Most employees don’t realize how their simple actions or non-actions can contribute to a cyberattack that can bring your whole business down. For example, they may unwittingly end up compromising on your business’s data security by sharing passwords, not using a good antivirus software or using the public WiFi to access their emails, etc.,

It is more difficult to oversee IT operations
With teams working remotely, it is difficult for businesses to manage their IT efficiently. Installation of security patches, anti-malware tools, data backups, etc., are all more difficult now.

Working from home offers businesses a lot of benefits in terms of cost savings, employee satisfaction and flexibility. But, it also raises a lot of questions from the IT security perspective. When opting for the work-from home model, it is important to clearly define the IT policies and put them into practice. You could partner with an MSP who specializes in cybersecurity and remote workspace management to help you formulate a safe, remote working environment.

4 things to do to ensure your business continuity planning is a success

Working on creating a contingency plan for your business? That’s great! Here are 4 things you need to consider when preparing your new business continuity plan.

Audit of your business continuity plan
Having a business continuity plan alone is not enough. You need to audit it at regular intervals to ensure it is up-to-date and relevant. Often, business continuity plans aren’t used for years, and may be obsolete or irrelevant by the time an actual emergency occurs.

Creating a team for business continuity
Constitute a team for your business continuity project. Decide who will take ownership of implementing the business continuity in the event of an emergency. Break down the business continuity plan into smaller elements and decide who is responsible for each of them. Also, remember to designate a back up for each person in the team.

Mock Drills and Dry Runs
After your business continuity plan is ready you need to check if it really works. A dry run will tell you if it is really effective and also point out to loose ends, if any, that you can fix before the actual emergency.

Don’t forget a debrief
In case you do end up using your business continuity plan, make sure you do a debrief. It will help you determine the effectiveness of your business continuity plan. The brief should focus on identifying the losses you incurred from the disaster, the time taken for implementation of the business continuity plan, the key positives of implementation of your business continuity plan and also offer suggestions, if any for improvement. Irrespective of the size of your business, business continuity planning is indispensable. Bigger companies often have their own staff (IT as well as non-IT) for business continuity planning, but for SMBs to have their own business continuity planning team can be a bit of a strain on their resources. Consider teaming up with a MSP who is experienced in disaster recovery planning, so you don’t cut corners now to regret later.

What are the essentials of a business continuity plan?

An unexpected emergency can wipe out your business! A business continuity plan can help it survive. But, what should a good business continuity plan cover? Read this blog to find out.

A list of your key contacts
One of the most important elements in your business continuity plan is a list of all your important contacts who should be informed of the disaster. This can include all your C-level execs, HR managers, IT Manager, client facing managers, etc.,

A comprehensive list of your IT inventory
Your business continuity plan should contain a list of all the softwares, apps and hardware that you use in the daily operations of your business. This list should identify each of those as critical or non-critical and mention details pertaining to each of them such as

• The name of the app/software
• Version/model number (for software/hardware)
• Vendor name and contact information for each of them
• Warranty/support availability details
• Contact information for customer support for these hardware/apps
• Frequency of usage

Backup information
Data backups are critical to your disaster recovery and so your business continuity plan should include information about data backups. It should mention how often data is backed up, in what formats and where. It should also mention what data backups are available–ideally, you should be backing up ALL data already!

What’s your Plan B?
Make sure your business continuity plan lists a backup operations plan that will come into play in the event of a disaster. Examples include alternative workflows such as options to work remotely or to allow employees to bring their own devices to work (BYOD) until the time regular business premises or systems are ready.

Floor plans and location
Your business continuity plan should also include floor plans of your offices with the exit and entry points clearly marked up, so they can be used in the event of any emergency. It should also mention the location of data centers, phones, key IT systems and related hardware.

Process definition
Make sure your business continuity plan defines the SOPs to be followed in the event of an emergency.

Think business continuity planning is too complicated? Don’t give up! A lot of SMBs, don’t create a business continuity plan thinking it is too much of a hassle. But this can prove fatal to your business later. A qualified MSP can help you understand business continuity planning and even help you create a business continuity plan that’s best suited for you..