Network Security Best Practices for Remote & Hybrid Workers

Even before the pandemic upended our world and the way we go about our business, remote and hybrid work was gaining traction. Now it’s practically the new normal for many jobs where working outside the confines of brick and mortar buildings is possible.

This brings a new level of security concerns, since remote workers are accessing their home WiFi networks that likely aren’t as secure as those managed by the company. Depending on the job, they may even be using their personal devices to access company assets. Precautions must be taken, so we want to go over the most important network security best practices for remote and hybrid workers.

Conduct Awareness Training

It never hurts to give everyone a refresher and teach them some new things about cybersecurity. Cybercriminals are always evolving along with the technology. What was taught a year or two ago may not be relevant or could need updating with new information. Plus, with so many working from home now, cybercriminals may adjust their tactics and become more brazen.

Be sure that all employees understand the risks of phishing emails, ransomware, social engineering and other possible means criminals can use to force their way into company data.

Implement Strong Passwords and Two-Factor Authentication

Long passwords with a variety of letters, numbers and special characters should be mandatory for all employees to make them as hard to figure out as possible. It’s recommended to change passwords when there is reason to suspect they’ve been compromised, plus changing them annually regardless for more airtight security. 

For a stronger authorization process, implement two-factor authentication for all users. This often entails an authorized user putting in a code they’ve been sent on their personal mobile device, which no unauthorized person should have access to.

Use Virtual Desktop Infrastructure

Virtual Desktop Infrastructure (VDI) is a great cybersecurity tool that lets authorized users securely connect to an organization’s networks and access their assets remotely through any internet connection from almost any device and location. The secure aspect of VDI protects company information from the get-go, ensuring no unauthorized access is obtained.

There are many VDI providers out there, but we recommend Microsoft Azure.

Work on Private Networks

Even on a company-owned device loaded with antivirus software and other protections, it’s never a good idea to log onto a wide-open public network. You don’t want remote workers headed to the corner cafe for a cup of coffee and a quick work session on that coffee shop’s network, not-so-cleverly called “Coffee Shop WiFi,” with its equally unclever password, “Guest.” These kinds of unsecure or minimally secure networks are easy for criminals to enter.

Remote and hybrid employees should work on a home network protected by a strong, tough-to-break password that won’t easily let in cybercriminals.

Use the Cloud

The development of services like Microsoft Office 365 and Google Workspace has allowed businesses to conduct their work fully online while taking advantage of the excellent security measures put in place by these industry titans. 

The cloud is also quite convenient. With everything located online, materials can be accessed from any device with the correct authorization and credentials.

Further Reading: The 5 Best Cybersecurity Risk Assessment Tools

Only Use Work Devices for Work

Encourage employees to keep work at work and everything else on their own devices. Personal web browsing could lead to insecure connections on some sites or fake merchant pages that are all vulnerable to attacks or could be riddled with malware, putting the company’s assets at risk.

It’s a best practice to ensure employees use company-owned equipment for work, rather than using their personal (and potentially insecure) devices or using work devices for their own leisure.

Keep Software & Hardware Updated

Bugs and vulnerabilities are found all the time in just about every operating system or antivirus software, so frequent updating is key. Roll out updates remotely to all company-owned devices as often as necessary — or even more than necessary, to stay ahead of the crooks.

Be Mindful of Private Info on Video Calls

Zoom, Teams, Skype and any other video conferencing software are now the norm. When you’re on camera, make sure there’s no sensitive personal or company information on camera with you. Likewise, when you’re sharing your screen, prepare ahead of time so your screen or desktop doesn’t contain sensitive information that isn’t meant to be widely shared.

Furthermore, when your webcam isn’t in use, block it out. Use an attachable camera slider for a laptop (or even go old-school with a bit of electrical tape) or consider disabling it when it’s not needed. Malicious criminals can take control of webcams in an attempt to sneakily gain access to private or sensitive materials.

How’s Your Cybersecurity Preparedness?

How aware are your employees of the dangers cybercriminals pose? Do you have backup systems in place to avoid costly downtime if a cyberattack succeeds? 

Questions on these topics and more are covered in our free Cybersecurity Risk Assessment tool, which is available below. We encourage you to take it and learn where you stand with cybersecurity preparedness. It’ll only take a few minutes, and once completed, we’ll send you your score plus your ideal next steps for boosting your defenses.