Overcoming Challenges of Work from Home

Over the past several years the primary driver of work from home has been the attraction for retention of talent or it was largely about saving money. COVID19 has taught organisations better future disaster preparedness and employers are increasingly finding it advantageous for employees to work from home.
Remote working employees employ various means of connecting with the organisations, such as by VOIP, laptops, and virtual private network connections to access the company servers. Employees get convenience and freedom, and their employers get a lower turnover and lower office expenses, and also employees around the globe are saving 100% of their commuting time. It’s a win-win situation for both employee and organisation.
When employees are working from home and they routinely log into the company networks remotely can make it harder for IT staff to spot unauthorised logins and data theft. For example, many employees log in from insecure networks and access company assets via the Internet, their own homes, an Internet cafe, or a coffee shop down the street offering free wifi.

Unsecured Networks: It is tough to control security and privacy and using a public network increases the risk of a potential data breach.
Personal and Shared Devices: Keeping unauthorised users of work PC can also be a challenge.
Insecure Smartphones: Smartphones without antivirus can’t control, there’s a risk from hacking, malware, and more importantly the social engineering crimes.
Virtual Meetings: Zoom and Webex etc help all employees to stay connected to co-workers and there is a risk because users don’t always install security updates and patches.
Distraction: Because of continual access to social media and the internet, there is an increased possibility of distraction and prone to social engineering attacks.

Have a remote security policy and use the right technology and tools
Ensure you have enough number of VPN licenses and Effective use of VPN and are aware of additional risks from remote working.
DNS filter to prevent employees from accessing risky websites.
Sufficient policies and procedures exist and Disable USB ports to prevent the use of portable storage devices.
People joining virtual meetings, be sure you secure your privacy by switching off video and mic and also ensure screen sharing, annotation and whiteboard features are switched off and the controls are only with Administrators.
Physical security of computers is often considered unimportant and employees must be aware how to secure their remote workspace and steps to protect their work stations and devices
Implementing Multi-factor Authentication and best Password practices to avoid using weak and compromised passwords.
Ensure employees only use secure internet connections and use encryption software and have updated firewalls, antivirus and anti malware softwares on all their laptops.
Make sure employees know all the cloud-based collaboration platforms available to keep files and services on the cloud and ensure encryption is used for all data that is stored and in transit.

Avoid clicking on links in emails from unknown senders and never open exe/program files sent in attachment.
Verify email sender domain (headers) to see if it matches the website of the organization the email comes from.
Avoid responding to emails soliciting personal, financial information, feedback and surveys on official emails.

Attention to time: Small pockets of 15 to 30 minutes exist between scheduled meetings, ensure you walk a 100 meter or browse a paper, or have a short two-minute talk with kids and spouses.
Personal Boundaries: Respect the space of everyone and don’t yell at kids when someone is disturbing in the midst of your meetings, especially when you are sharing living space with roommates, spouses, children, and pets.
Calendar Management: Often spouses and kids complain that you are overspending time on the system and not allowing time for them. Create a calendar and slot time for all.
Managing Energy: First few hours in the morning is when you’re fresh, prioritise the important works accordingly
Empathy and compassion: Remote work today is happening in an extreme state of uncertainty and anxiety, Now is the time to have empathy and compassion with each other especially with the teammates.

Organisations must use the outbreak as an opportunity to strengthen security and implement the above solutions to decrease risk. Data breaches to spear phishing, brute force, and ransomware, Online threats could be same if it’s a private or a government organization as the focus is more either for ransom or sensitive data.
Small and Medium Enterprises who cannot afford to have a separate cyber security practice can reach expert members of the Centre of Excellence Cyber Security Telangana ( https://ccoe.dsci.in/ ) for both options of internal and outsourced cyber security support.
A host of new technologies and services are coming onto the market that makes it easier to mount a robust defence against cyber threats. Private companies should focus on (a) Outsourced security services for BYOD, MDM, NOC and SOC (b) Systems that enable collaboration between security team members (c) Continual attack simulation tools and (d) Point solutions for anti-phishing and secure browsing (e) private and government partnerships in cybersecurity practices and developments.