The idea of promoting remote work has gained traction across businesses of all sizes. It provides flexibility to colleagues and creates a workforce without limits to city, state, or country. Offering this option to employees is a nice perk and offers convenience in an increasingly technologically connected world. Of course, there are instances when your staff will need to work remotely out of necessity.

With the spread of COVID-19, many companies are growing concerned about the well-being of employees and encouraging them to stay home to reduce the spread of the illness. There are other unexpected or sudden instances that could require your workforce to work remotely, including natural disasters and other unexpected events. Readying a strong remote workforce will keep your business running smoothly with minimal disruption.

As a managed services provider (MSP), it’s your responsibility to ensure that your remote workforce maintains the same level of compliance and security as if they were in an office environment. You may have clients who have never had a remote workforce, but situations may require them to pivot in this direction, and you need to be prepared to set clients up and support their needs.

Prepare your remote workforce with security awareness education

Besides using the latest security tools and solutions, the most powerful defense against cyberthreats when building a secure remote workforce is the end users themselves. Getting your clients to think and act with security in mind begins with security awareness training. You should regularly provide clients with training.

However, if you are discussing the possibility of activating your clients’ remote workforce, it is best to begin the training beforehand. Give them advice on what to be diligent about regarding attacks targeting remote workers, like phishing scams, fraudulent VPN messages, and more.

A common tactic for bad actors is to capitalize on issues or events that trigger a gut response, namely fear, in the reader. Email subject lines like ‘Corona News Flash’ or ‘X New Cases in (Insert City Here)’ stoke the flames of uneasiness and try to get a user to click without investigating if the email is credible.

There are easy ways for an end user to spot a phishing email, and security awareness training will encourage them to take a few seconds to look before taking the next action on an email. These added security measures may seem like overkill, if you can help the end user understand why the added measures are important for protecting critical data, they are more likely to implement them.

Access to mission-critical applications and documents

If your clients’ remote workforce issues company devices, ensure employees have full access to the documents and applications needed to complete their work. A strong remote workforce needs access to their company cloud to perform critical job functions. Storing important documents and applications in the cloud will require secure policies for how to access them like audit trails, prohibited access to non-essential areas, permission-based roles, and more.

Ensure your connections are secure

After establishing access to critical applications and documents, you need to ensure that their connections are secure. A Virtual Private Network (VPN) provides a secure, direct link to client servers. Implementing a VPN is a nice base layer of security for a remote workforce. However, it is always recommended to add additional layers of security. Multi-factor authentication (MFA) provides that extra layer of security for the organization and the end-user by requiring a numerical code sent through the user’s phone, a fingerprint, or security questions.

A remote workforce is just that — remote. They may not work from home. Instead, they may spend some time at a coffee shop, library, or other public area with free WiFi. When using a free internet connection, it allows others to see exactly what you are doing on your device and potentially steal vital information is users are not careful.

If you enter a username and password to retrieve information and you are using free WiFi, a bad actor will be able to swipe your password. Enforcing password protection practices, such as using a password vault or encryption keys, will make it harder for unauthorized users to gain access to the networks of remote workers.

Establish communication systems

The obvious drawback of remote work is the inability for clients to have face-to-face interactions with their colleagues. As technology has advanced, the once high barriers of long-distance communication and collaboration have been taken down. To keep teamwork alive for your clients and their remote workforce, setting up secure and reliable communication systems are crucial.

There are dozens of communications tools at your disposal for a remote workforce that will encourage long-distance collaboration and teamwork. For example, Google Hangouts, Slack, or Microsoft Teams are just a few tools that enable quick-chat, group-chat, client communications, and video conferencing.

Holding meetings and calls while working remote

The chat and conferencing programs you use to stay in touch should offer virtual face-to-face touchpoints to mimic an office setting. The chat programs you implement will allow for video conferencing, so clients won’t miss a beat with meetings. Encourage them to implement a camera-on policy, so they can have the same face-to-face touchpoints they would have if everyone were in the office. Send out meeting agendas ahead of time so everyone can prepare and stay focused.

Despite everyone working from a remote location, it is within your best interest to replicate the in-office feeling for meetings and calls. It is helpful to send out agendas, notes, or anything else well ahead of the meeting start time to help everyone prepare and stay on topic.

Photo: goodluz / Shutterstock.

Jay Ryerse

Posted by Jay Ryerse

Jay Ryerse, CISSP, is the Vice President of Cybersecurity Initiatives for ConnectWise. He brings more than 25 years of experience providing information technology and security solutions to businesses of all sizes. He’s the previous owner of a successful Atlanta-based MSP and was the CEO of CARVIR, the cybersecurity company acquired by Continuum in 2018. Jay is the author of “Technology 101 For Business Owners”, was named to “The World’s TOP MSP Executives, Entrepreneurs & Experts” in 2014 by MSPmentor.net, and was the “2015 Better Your Best” winner from Technology Marketing Toolkit. Today he works closely with IT service providers and MSPs to provide insight and best practices for securing business networks.

6 Comments

  1. Avatar

    Great article and useful tips

    Reply

  2. Avatar
    Sharon Vanhoose March 25, 2020 at 2:41 pm

    Great points and I think if you are working from home and have kids its even more distracting but be honest and tell people you are talking to. In this time everyone should understand.

    Reply

  3. Avatar

    Expanding on document access:

    Make sure you are saving documents in the proper location, e.g. not on you home computer.

    Shred and confidential print-outs you may do at home.

    Reply

  4. Avatar

    Good article with decent pointers / tips. Side note: As a dad, I know that top picture was staged. It’s never that easy to work with a baby that size in your arms.

    Reply

  5. Avatar

    Working from home can be a good way to get things done! At least it is for me!

    Reply

  6. Avatar
    Eric Goldstein March 26, 2020 at 9:57 am

    Working from home gives me an extra hour and a half of not driving time that I can make use of!

    Reply

Leave a reply

Your email address will not be published. Required fields are marked *