Staying Secure in the Work-from-Home Paradigm
Keeping your sensitive information safe, however, cannot be overlooked when the paradigm shifts from closed-cage, firewall-protected servers to securely guarded, selective open access.
In the common understanding, a company's sensitive data is stored collectively on secured servers, and an ID-password pair is needed to authenticate before gaining access. The computer network that connects the servers is surrounded by highly sophisticated protections, such as a firewall, an intrusion prevention system (IPS) and a data loss prevention (DLP) system.
Some even have a security operations centre (SOC) to monitor cybersecurity round the clock. Emails are scanned. USB removable storage has to be encrypted, if not blocked. Computers are installed with anti-malware software. All in all, it is difficult for hackers to get in, and unintended leakage of sensitive information can be avoided.
However, with the work-from-home arrangement, much of the work is carried out at home rather than in a well-protected office. When you count a million dollars in banknotes inside the bank that employs you, you feel safe. There are steel doors, security guards, CCTV, everything. But if you counted them in an outdoor public leisure park, what would you think?
Working from home may be risky if you are not aware of the difference and ignore this paradigm shift.
Tackling this can be a big topic with a very wide scope. Some tips and reminders, however, can be shared for your reference:
- Set up a proper sandbox for remote computer access, such as virtual desktop infrastructure (VDI); clean up the temporary files when the remote session is disconnected
- Enable multi-factor authentication when connecting remotely
- If setting up a virtual private network (VPN) for network access, be very careful when defining the remotely accessible network segments (minimizing the remotely accessible computers lowers the risk exposure)
- Colleagues may start to love their home computers; set up network access control in your office local network so that when they are back in the office, their beloved laptops are unable to connect without proper endpoint protection software installed
- Colleagues may be less alert when handling emails at home; refresh phishing email training
- Enforce strict password expiry, as colleagues might have shared passwords to get an urgent task handled when they could not handle it remotely
- Finally, to enable an access-anywhere experience, you may think of migrating the in-house systems to the cloud; scrutinize the platform and the provider with security in mind, not just usability and price
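As an added example for the VPN tip above (not part of the original article), the following Python sketch compares the network segments a VPN profile makes reachable with the servers remote staff actually need. The route list, host list, the 256-address threshold and all function names are constructed assumptions, and a single address family (IPv4) is assumed.

```python
import ipaddress

# Constructed sample data (assumption): segments a VPN profile makes reachable,
# and the servers remote staff actually need (e.g. VDI gateway, file server).
SAMPLE_ROUTES = ["10.0.0.0/8", "192.168.50.0/24", "172.16.9.0/28"]
SAMPLE_HOSTS = ["10.20.5.10", "10.20.5.11", "172.16.9.4", "192.168.60.7"]


def audit_vpn_routes(pushed_routes, required_hosts, max_addresses=256):
    """Flag VPN-reachable segments that are unused or broader than needed."""
    routes = [ipaddress.ip_network(r, strict=False) for r in pushed_routes]
    needed = [ipaddress.ip_address(h) for h in required_hosts]
    findings = {}
    for net in routes:
        inside = [h for h in needed if h in net]
        if not inside:
            # No required server lives here: the whole segment is needless exposure.
            findings[str(net)] = ("unused", [])
        elif net.num_addresses > max_addresses:
            # Suggest host routes to the required servers instead of the wide segment.
            findings[str(net)] = ("too-broad", [f"{h}/{h.max_prefixlen}" for h in inside])
        else:
            findings[str(net)] = ("ok", [])
    # Required servers that no configured route covers.
    unreachable = [str(h) for h in needed if not any(h in n for n in routes)]
    # Count each reachable address once, even if routes overlap.
    exposed = sum(n.num_addresses for n in ipaddress.collapse_addresses(routes))
    return {"findings": findings, "unreachable": unreachable, "exposed_addresses": exposed}


if __name__ == "__main__":
    report = audit_vpn_routes(SAMPLE_ROUTES, SAMPLE_HOSTS)
    for route, (status, suggestion) in report["findings"].items():
        print(f"{route:18} {status:10} {' '.join(suggestion)}")
    print("not reachable:", report["unreachable"])
    print("addresses exposed:", report["exposed_addresses"])
```

With the constructed sample, the /8 route is reported as too broad for the two servers it serves, and the /24 route serves no required server at all.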
Hope this helps. Stay healthy and stay safe – for both yourself and your data.
This article was originally published in the Hong Kong Management Association Information Technology Management Newsletter.
The Hong Kong Management Association is a non-profit-making organisation which aims to be the leading professional organisation advancing management excellence in Hong Kong and the region. It provides its members with a platform for exchange of ideas, networking and personal development and to promote best practices in management, nurturing human capital through management education and training at all levels.