It’s been two years since the COVID-19 pandemic first sent workers home — and almost immediately after, organizations began planning the first of many returns to the office. Now, as we head into the spring of 2022, it seems like that return is finally here — but not before many workers and workplaces got a taste of what was possible in a remote work environment. For many, the return to the office is likely to be only part time, with hybrid work becoming more and more common. With the hybrid office comes challenges, though, and key among those is security. Whether your organization plans a fully hybrid schedule or has just a few remote workers, securing the people and devices outside your four walls is essential. Here are a few things that can give anyone responsible for sensitive data some peace of mind.
MFA is a way to access a system, program or device using more than one factor. A password is one factor, so a username and password is considered single-factor authentication. In terms of data security, the more factors you have, the better it is.
There are three possible authentication factors: Something the user knows — a password, PIN or a pattern; something the user has — a smartphone, ATM card or authentication key; and something the user is – fingerprints, voiceprints, facial recognition or other biometric. Be sure to choose the method best suited for your workplace — a password and a security token, or a password and a fingerprint scan are common. Whatever method you choose, be sure to educate your remote workers on using it correctly.
Because of the extra step, many organizations hear a lot of employee backlash when first implementing MFA. However, in some ways, it can simplify things. For example, the use of MFA can enable organizations to implement single-sign-on (SSO) solutions, allowing users to access multiple systems using just one login – once MFA has been used to authenticate the individual, they can access related systems as well. And let’s face it, many workers are a little more willing to trade the convenience of a single authentication factor for the convenience of working from home. MFA ensures a stolen password doesn’t allow entry into your network, mitigating concern about passwords written on Post-Its being left lying around – remote or in the office.
Zero trust security is a term for security models that don’t rely on predefined trust levels. In other words, there is no assumption that anyone inside or outside the company is inherently trustworthy. This lack of assumption makes zero trust security ideal for hybrid office models, as it doesn’t rely on user location, unlike traditional security in which everyone inside a network has access. Zero trust security often goes hand in hand with role-based access control (RBAC), which allows organizations to allow only certain roles to certain resources — marketing can’t access financial data, for example.
If you’re thinking about implementing a zero-trust security policy for your company, there are a few things to keep in mind. First, of course, make sure that all your remote workers know the policy and understand how it works and what resources they do and don’t have access to. Second, be sure to test the policy regularly to make sure that it’s working as intended. Finally, don’t be afraid to adapt the policy as needed; zero trust security is a flexible model that can easily be adapted to changing needs.
It’s not uncommon for organizations to hyper focus on network security, ensuring computers and networks are locked down, but to forget about the printers. Whether in the office or remote, workers need to be careful about where they print your company’s sensitive data. If you’re not careful, you could end up exposing yourself to a security risk.
Public printers at places like Staples are a prime target for malicious actors. These printers often have minimal security measures in place, making them an easy way for someone to steal your data. If it’s essential for remote workers to print confidential information, make sure they do not do it on public printers.
Even if you’re careful about where your employees print, you need to be aware that home office printers can also be a security risk. Many home printers come with built-in Wi-Fi, which makes them vulnerable to attack. Malicious actors can use programs to steal data as it’s being printed.
To protect your remote workers from attack, make sure they’re outfitted with the same type of protection you’d have in the office. For example, printer firewalls help to keep unauthorized users from accessing a printer. Set up print job encryption to protect your documents. This encrypts the data as it’s sent to the printer, making it difficult for anyone to read it. Data encryption is standard on many print devices, preventing data streams between the printer and other computers from being intercepted, stolen, or altered.
If you’re considering a hybrid office strategy, going fully remote, or have already done one of the two but want to tighten security, you don’t need to go it alone. A trusted partner like Centric Business Systems provides software, hardware, services, and support that can help you create a more secure hybrid environment. Visit us at www.centricbiz.com or contact us at (877) 902-3301 to schedule an assessment and consultation today.