Keep Secured in Work-from-home Paradigm

Work from home
You may hear about these popular phrases recently, lockdown, stay at home order, work from home, social distancing, quarantine. For companies relying heavily on information technology, when many colleagues have to work remotely away from the office, network connectivity and remote computing, of course are of utmost importance and with immediate urgency.

Keeping your sensitive information safe however, cannot be overlooked when the paradigm is shifted from closed cage firewall protected servers to securely guarded selective open access.

In many of our common understanding, the sensitive data of a company are collectively stored in some secured servers. Need an ID-password pair to get authenticated before gaining access. The computer network that connects the servers is surrounded by highly sophisticated protectors, like firewall, intrusion prevention system (IPS) and data loss prevention (DLP) system.

Some even have a security operations centre (SOC) to monitor the cybersecurity round the clock. Emails would be scanned. USB removable storage has to be encrypted, if not blocked. Computers are installed with the anti-malware system. All and all, hackers are difficult to get in and un-intended leakage of sensitive information can be avoided.

However, with the work from home arrangement, many of the works are carried out at home rather than in a sophisticatedly protected office. When you work on counting banknotes of a million dollars in the bank you are employed, you feel safe. There are steel doors, security guards, CCTV, everything. But if you count them in an outdoor public leisure park, what would you think?

Work from home may be risky if you are not aware of the difference and ignore this paradigm shift.

Tackling this can be a big topic with a very wide scope. Some tips and reminders, however, can be shared for your reference:

  • Set up proper remote computer access sandbox, like using virtual desktop infrastructure (VDI); clean up the temporary files when disconnected from the remote session
  • Enable multi-factor authentication when connecting remotely
  • If setting up the virtual private network (VPN) of network access, be very careful when setting the remotely accessible network segments (minimizing the remotely accessible computers can lower risk exposed)
  • Colleagues may start to love their home computers; set up network access control in your office local network so that when they are back to the office, their be-loved laptops unable to connect without proper end-point protection software installed
  • Colleagues may be less alert when handling emails at home; refresh phishing email training
  • Enforce strict password expiry, as colleagues might have shared password to handle the urgent task when unable to handle that remotely
  • Finally, to enable an access-anywhere experience, you may think of migrating the in-house systems to cloud; scrutinize the platform and the provider with security in mind, not just the usability and price

Hope this helps. Stay healthy and stay safe – for both yourself and your data.


This article is originally published in the Hong Kong Management Association Information Technology Management Newsletter.

About HKMA

The Hong Kong Management Association is a non-profit-making organisation which aims to be the leading professional organisation advancing management excellence in Hong Kong and the region. It provides its members with a platform for exchange of ideas, networking and personal development and to promote best practices in management, nurturing human capital through management education and training at all levels.

Similar articles


The shifting shape of the terrorism threat during the pandemic

As a result of increased disruption and a lack of international travel due to the Covid-19 pandemic, the profile of terrorism has been reshaped across the world.

Suez Canal

Grounding of m/v EVER GIVEN in Suez Canal - Claim & Coverage Overview

The Facts: The recent grounding of one of the world’s largest vessels in the Suez Canal, and its immediate impact on maritime trade between Asia, the Middle East, Europe and the East Coast of the United States, brings to bear the devastating impact that an incident involving a single vessel can have on the global supply chain.

Thai greeting

Developing a new business strategy as lockdown rules ease

As governments begin to relax Covid-19 lockdown rules, companies are working on plans to return operations back to normal while ensuring the safety of employees and clients.


COVID-19 creates new D&O claims risk

The COVID-19 outbreak is affecting the risk of litigation against Directors and Officers as potential plaintiffs scrutinise the way the board manages the company through the coronavirus crisis. While Asia is yet to see the impact, US courts have received the first securities class actions against company directors and there are set to be more claims once health concerns around the outbreak slow or are contained.