How do you secure the devices your teleworkers are using?

Identity, data, and devices

Stephan Van Dyck, Cybersecurity Consultant at Proximus: ”The security of home offices is based on three things: identity, data, and devices. First, you need to ensure that your employee is who they say they are. A username and password are no longer sufficient proof. Multifactor authentication is required.”

“You will also need to create a device security policy to secure your data effectively,” says Stephan. “Many businesses had to do that at short notice during the lockdown in 2020, which meant they made mistakes. The best approach is to have your security policy audited. Finally, you should also know where your data is located and which devices your employees are using. Because you can’t secure something or someone that you can’t see. Everything revolves around zero trust: trust nothing and nobody, and check everything.”

Stephan Van Dyck

Greatest dangers: phishing and CEO fraud

What is the greatest danger? That is and will remain phishing and ransomware attacks. Stephan: “CEO fraud boomed during lockdown. Using perfectly faked mails from CEOs, hackers try and steal data by abusing trust and having huge sums of money deposited on their account. Hackers know that people are naturally curious, and they profit from that. They also know that teleworkers are less attentive and more easily distracted by what’s going on at home.”

“The division between work and private life all but disappears when working from home. Partly because many employees use their own, unsecured devices. Smartphones in particular are less secure than PCs or laptops. And a teleworker is isolated. It’s more difficult to go to a colleague or manager and check that the e-mail they’ve just received is genuine.”

Offering remote assistance

How can you help your teleworkers? By securing your e-mail traffic, by checking the identity of your users with multifactor authentication, and by taking control of the data on your devices. Stephan: “The latter can be done by providing clear outlines for your employees to follow, while also allowing them room to maneuver. And it’s worth noting that not all your data needs the same level of protection. You protect them according to how sensitive and confidential they are, and then store them in more or less secure locations.”

“There are multiple tools for this purpose, but Microsoft Defender for Endpoint is one of the best. It makes it easy to secure the use of your data and also protects it from malware, among other things.”

Zero effect on your productivity

And what about businesses that do not invest in cybersecurity because they think it costs too much and will cost their employees too much time on a daily basis? Stephan: “The latest security solutions focus on ease of use. For example, you can also check the identity of your users via their smartphone, in the same way that itsme does. All they have to do is type in the number that appears on their pc or laptop screen and then confirm with a fingerprint or face recognition.”