HP TECH TAKES /...
Concerning Remote Workers and Security
Is your business prepared?
As a small business owner, you understand the importance of offering remote work arrangements.
Today’s young workers, most of whom have grown up with digital technology, favor employers who give them the tools and flexibility to do their jobs outside of traditional offices. So, in order to compete for this talent, nearly 75 percent of small business teams are expected to have remote workers by 2028.
The challenge with allowing employees to do their jobs off-site is that you can’t assume the cybersecurity implications are the same as if they were connecting from inside an office. They’re not.
Anytime someone connects to a network from outside its secure firewall, they’re creating a world of potential vulnerabilities that can lead to cyberattacks. In fact, a recent Open VPN study found one in three organizations (36 percent) have already dealt with such incidents due to unsecured remote devices.
If you're able to overcome such security hurdles, the benefits to your organization and its employees can be quite high. Your workers won’t have to endure long daily commutes, sit in small cubicles or deal with daily office distractions. As a result, studies show these remote employees can be more productive. You need a strong security action plan in place for the endpoint devices your business buys and the policies it implements.
Deploying Secure Devices
The first thing to keep in mind with this plan is that you can’t go about cybersecurity one dimensionally. Security experts say it’s critical to have a layered defense, which means securing anything and everything that can be reached through a network connection.
Most small business owners know they have to update their software systems every now and then to the latest security fixes, and they also understand the importance of anti-virus and firewall software. But few pay enough attention to the endpoint devices themselves. Those PCs, laptops and printers with hardware that can be targeted at a core BIOS level just as easily as any software program.
This is where many remote workers’ devices are likely to be the most prone because hackers tend to attack the points of least resistance on a network, which is probably why 42 percent of IT professionals surveyed say they have suffered a breach on their endpoints.
The good news is that businesses can minimize such attacks by purchasing computers with built-in security features, rather than relying on software add-ons. Yes, you might spend a little bit more. But the peace-of-mind they offer could offset the cost of a catastrophic cybersecurity event.
For example, HP Sure Start, available on certain laptops and notebooks, can automatically detect, stop and recover from any attack against BIOS, which is a program that gets a computer started before the operating system takes over. HP Sure Click, meantime, can help protect your remote PCs from Web sites and attachments infected with malware, ransomware and viruses.
In addition, the recently released HP Sure Sense can help block previously unknown malware using artificial intelligence (AI). And business owners might also want to consider HP Sure View, an integrated privacy screen that makes it difficult for cyberthieves to see what your employees are viewing while they’re working in public places.
Security Policy Priorities
All of these security features can be massively helpful in heading off potential cyberattacks, but none of that will matter if you don’t also have thoughtful security policies in place.
For instance, while roughly 90 percent of small business owners know weak or outdated passwords pose a serious security risk, nearly 60 percent polled admit they’re not doing much about the problem. That’s got to change in a remote world. As a matter of policy, you should require employees to adopt strong passwords – consisting of capital letters, numbers and symbols - and change them every 90 days.
Because passwords aren’t the most reliable or secure identity and access practice, you should also consider adopting two-factor authentication. This is where employees must input more than one piece of information - such as a password and thumbprint or a smartcard and pin - to log into a network.
One other point to keep in mind is that your network printer can also be a vulnerable endpoint device. They’re just as connected to the outside world as any PC, so if they don’t have built-in security features, they could create a problem. Employees sometimes print documents to them and forget to pick them up, leaving them out in the open for any passerby to steal.
To avoid this scenario, consider investing in “pull printing” capabilities, where employees print to a queue and can only retrieve documents using personally identifiable credentials.
The workforce is changing dramatically, presenting unprecedented opportunities for flexibility and convenience. While this new reality presents numerous cybersecurity challenges, that doesn’t mean small businesses should stand still. With a thoughtful approach toward technology purchasing and policies, it’s possible to take full advantage of digital progress - safely and securely.
Thinking about putting new technology to work for your business but not quite sure where to start? Let an HP business expert help. They’ll work with you to identify the right technology for your business now and into the future, can assist with custom configurations, flexible financing options and much more.