Working around Coronavirus – An SMB guide to safe remote work
Our Seattle office is on the front line for coping with Coronavirus (Covid-19) and figuring out a safe remote work strategy for as many people as possible. So, if you’re a small business, what do you do during a disaster? Especially one involving a communicable disease?
First, separate your business into two groups: on-premises and remote workers. Enable remote work policies for absolutely all non-necessary people (and those whose immune systems are weakened) and establish a clean office environment for those who must remain.
For those working remotely, we’ve outlined six crucial things to do. This group will be accessing data outside of the primary company connection for extended periods of time, so securing the corporate device (as well as its connection to the internet) is crucial. Working around pandemics is a new thing, so most SMBs in particular are only recently thinking about what to do when requiring employees to be away from the office…but still meeting the need to protect the company device, data, and connection to the internet.
Five tips for securing remote workers
- Use a secure VPN.
It’s not just about company device cybersecurity, but about protecting that device’s connection to the internet while it’s dealing with company data. It’s crucial to select a VPN (like Rubica) that encrypts data without selling it. It’s extra-important to verify because a connection’s leaked corporate data getting sold to a third party is a tricky spot for an employee and an employer to find themselves in. It’s not quite the same as corporate espionage, but it could still bring the same disaster with leaked intellectual property.
- Update everything.
Take a moment for updating each device, then schedule a weekly reminder on your company calendar. Exploiting late patches is one of the main ways to snag corporate data through a malware attack, so it’s worth a checkbox on the list of things to do during remote work.
- Use laptops as a standard user, not an admin.
If something or someone does take control of a company device but logged in as a standard user, they won’t be able to do nearly the same kind of damage as an administrator and will be much less able to launch an attack at the company.
- Enable MFA or 2FA on everything that supports it.
If malicious actors can’t get into the account itself without the second piece of verification, an attacker won’t be able to impersonate a user in the first place. Multi-factor authentication (MFA) is the best way to lock down identity management at home and at the office. Don’t forget MFA on the password manager itself!
- Create a separate VLAN.
Put your work devices in their own virtual network to contain any damage that might come should your work device be attacked. That way, the infection doesn’t spread onto the home wifi network onto any personal devices connected at the residence. Plus, it’s easier to shut down access to just one piece of your network rather than disabling all of your wifi network during a malware attack.
- Beware of current events in the inbox.
At Rubica, we’ve seen the Coronavirus used as phish-bait. Some emails claim to be from the World Health Organization; others from the CDC. They all want you and your employees to click during a weak moment. We’ve included phishing examples that have informative screen shots, but it’s also worth brushing up on team phishing skills with our favorite Google quiz.
Tips for on-premises workers
For those last few in the office, here are the basics for a cleaner business:
- Sanitize the most common surfaces at the close of your business day, preferably when there are few or no people around. Don’t rely on your facilities staff or cleaners for this part.
- Dispose of all garbage outside of the office (including cleaning waste) at the end of the business day.
- Sanitize your keyboard/laptop/phone right before you leave at the end of the business day, put them in your bag, then don’t touch them again while you’re on the premises.
- Sanitize your hands right after leaving the office. Break the habit of face-touching.
- Don’t lick envelopes to seal office mail. Use a moist sponge or paper towel.
- Plan for decreased productivity should staff be ill.
It’s a tricky time to be running a business, so feel free to contact Rubica at no charge to answer your cybersecurity questions.
Coming soon – a more powerful Rubica, just for SMBs. Get on our waitlist!