IT and Cyber Security
Businesses across the UK are having to facilitate both office-based and home working as the country adapts to the ever-changing situation around Covid-19. While people are being encouraged to work from home, others still need to work from the office.
Simon Kelf, CEO of BNC Group, says that HR managers need to consider IT and cyber security as they facilitate both office-based and home working
This presents a huge challenge for HR managers, who will undoubtedly be the driving force behind ensuring that offices and working environments are Covid safe for those able to return, while also making sure that those working remotely can continue to do so effectively.
While efforts will – quite rightly – be focused on social distancing, hygiene and new working practices, HR managers must also consider the impact that switch from remote working to office-based working and vice versa will have on IT systems, devices and most importantly cyber security.
This is further complicated because while some staff and employees will return to the office, others will continue to work from home. Some businesses may also require staff to work in the office for a week and then return home to work the following week.
This means that IT systems, devices and processes must operate seamlessly regardless of where the employee is working from. And this is certainly true when it comes to cyber security and ensuring the highest level of protection is in place at all times.
These are some of the key things to consider when it comes cyber security when you have employees working both from the office and remotely.
It is vital that all employees use a work device, whether that be a desktop, laptop, mobile phone, smartphone or tablet. They must not use their own personal devices to access work systems or communications such as email under any circumstances. This way you can be certain that devices are set-up correctly and have the software needed to ensure seamless working from home and from the office, but also to make sure the necessary cyber security software is in place and always up to date. Consider changing devices to end-user devices (EUD) as this gives you greater control over the device, the data held on it, authentication, security and interface protection. It also allows technical support teams to access the device remotely, too. This means they can resolve any technical issues and ensure the device is up to date regardless of whether the employee is working from the office or from home.
User access and controls:
It is important to also consider the controls that are placed on devices and in particular what access an employee is given to an organisation’s systems, files and communications from any and all of their work devices – this helps to secure data by enforcing stricter controls. Peripheral control, for example, allows organisations to block the use of peripheral devices such as USB drives and DVD drives and can also restrict the use of things like Bluetooth and infrared being enabled on devices to further enhance cyber security protections. These restrictions can be dialled up for when the employee is working from home and then dialled back down when they are working from the office and are using approved USB drives, DVD drives and so on to ensure the right protections are in place at the right time.
Use a virtual private network:
If you don’t use one already, move to a virtual private network and require staff to use your company’s VPN when working from the office and from home. A VPN is a secure network where users can send and receive sensitive data and information, as well communicate.
It is important to make sure that your VPN solution is secure and stable. As part of this, your company firewall must have built-in VPN capabilities. You may also need to increase the bandwidth of your VPN as and when staff work from home, but this is easily done.
Migrate to the cloud:
The most effective way of ensuring a smooth and seamless working environment, that is also secure, when you have staff working from the office and from home is to use cloud solutions. If you haven’t already, a cloud migration must be a top priority. Migrating to the cloud allows you to offer safe and secure office-based and remote working, with the option to scale up and scale down usage in line with demand each month. For example, over the next month the majority of staff may remain at home putting additional pressure on your VPN.
But then towards the back end of the year, the balance may tip the other way and it means you can scale down bandwidth as more people are back in the office and the bandwidth required to power VPNs and networks is greatly reduced.
HR managers are not ultimately responsible for their company’s IT systems and cyber security protections, but they do liaise with staff, including those in the IT team, and must be aware of the challenges faced in striking the balance between office based and remote working.
By following the recommendations above, they will be able to work with business owners, IT teams and of course employees to ensure a smooth transition while also making sure the organisation is properly protected regardless of whether staff are working on site or remotely.