Home offices, remote offices, and branch offices (ROBO) are becoming ubiquitous in the wake of COVID-19. Admins must adapt if they hope to keep remote workers productive while still keeping data secure. Remote offices demand the same level of care as headquarters but admins rarely have the time or budget keep close tabs on them. That can lead admins to make costly mistakes that result in downtime or even a major data breach.
As admins adapt to the needs of a more scattered workforce, here are some of the critical mistakes they need to avoid:
Relying on Untrustworthy, Insecure VPNs
Without a secure, encrypted pathway between a remote location and a company’s primary systems admins are just begging for a data breach. But it’s not just about having a VPN. It also about keeping it highly secured. Recently, hackers were able to access data from more than 20 million users of primarily free VPN tools. That’s right. The very solutions that were designed to protect data were, in fact, a massive weak link in the security chain. Take that as a warning. Not only should you use a secure VPN, but you should also work with a vendor that has a solid track record. Since you usually get what you pay for, avoid free options. And, since your VPN users will often be located in areas without in-person IT support, it’s smart to pick a VPN solution that’s easy enough for anyone to use.
Using Unsecured Storage Devices
USBs and external hard drives are essential storage devices for many remote workers and remote offices. The trouble is that such small devices are notoriously easy for workers to lose and for thieves to steal. Whether remote or onsite, no employee should risk exposing company data. Instead of basic flash drives or external drives, consider an encrypted solution. Some encrypted drives even have keypads right on the device, which makes them easy for employees to access, but secure enough to keep bad actors out. Since any data on the device is automatically encrypted there’s no chance of someone accessing the data should it be lost or stolen.
Allowing Unsecured Video Conferencing Tools
Remote workers need to feel connected, and these days there are hundreds of video conferencing tools that help. The problem is that these platforms became larger targets for hackers just as companies have adopted work-from-home policies spurred by COVID-19. Zoom, in particular, has a track record of so-called “Zoom bombers” interrupting meetings to send disturbing messages and images. Security features tied to video conferencing platforms are so lacking that global privacy commissioners recently issued an open letter to the platforms, criticizing them for their lack of end-to-end encryption and two-factor authentication. With that in mind, choose your video conferencing tools carefully, and be sure your end users use waiting rooms, pin numbers, and other security features that help keep video conferences secure. And, if your business must ensure patient privacy, be sure your video conferencing provider is compliant with the Health Insurance Portability and Accountability Act (HIPAA).
Skipping Backups for Remote Employees
With so much work stored in cloud-based productivity suites like G Suite and Microsoft 365, many admins don’t worry about end-user backups. But that can create problems with the integrity of your data. Data stored in cloud platforms can accidentally be deleted or overwritten. Users might not be protected from ransomware. And, they’re definitely not protected from social engineering attacks, leaving their data vulnerable to theft. A better backup strategy is to first take image-based backups of an employee’s machine to save anything stored on local hard drives. Next, use StorageCraft Cloud Backup to create backups of data stored on Microsoft or Google cloud-based applications. That keeps employee data protected from threats posed by ransomware, viruses, hardware failure, or even user error.
Not Prioritizing Remote Office Recovery
One of the biggest mistakes admins make is not anticipating how they’ll help a remote office recover. Backups help prevent data loss but recovery helps prevent downtime, which, according to Gartner, costs an average of $5,600 a minute. Admins must ensure that solutions they use for backing up and recovering their main data centers can easily be used at remote locations, too. With StorageCraft OneXafe Solo it’s easy to protect remote offices. Since setting up the device is as easy as plugging it in and connecting it to the internet, branch locations with no onsite IT support can easily install it. Plus, OneXafe lets admins manage everything, from setting up backup policies from anywhere to kicking off a remote recovery when they need to using StorageCraft OneSystem.
Not Communicating Security Policies and Procedures
Many of the issues admins have with remote or home offices come from end users themselves. It’s easy to forget that the average user doesn’t think about security, which is why it’s up to you to establish policies and make sure they’re followed. Many businesses are creating remote-worker handbooks that cover everything from how to take and store backups to how to avoid ransomware or use a secure VPN. Taking the time to craft a thorough remote-worker handbook is a great way to disarm security threats afflicting remote and home offices.
Remote work has become more common, but, just like the workers that have to adapt to these challenging times, admins must also adapt. Using the right tools it’s surprisingly simple to ensure all of your data is secure, regardless of where it’s created or used.
If you’re looking for ways to back up and recover data from anywhere, sign up for a StorageCraft demo to see how easy it can be.