In today’s connected world, it’s common for employees and vendors to access your network remotely. But as convenient as this is, it also opens up potential risks. To keep your business safe, it’s essential to enforce strong security standards for anyone connecting to your network. Equip your employees and vendors with the right tools to make security part of their everyday routine.

How to PROTECT DEVICES

Whether employees or vendors are using company-issued devices or their personal devices, it’s crucial that those devices are secure. Here are some key tips to follow — and make sure your team does too:

1. Change Router Defaults

• Always change any pre-set router passwords and the default router name. It’s equally important to keep the router’s software up to date. You may need to check the router’s website regularly for updates.

2. Enable Full-Disk Encryption

• Consider enabling full-disk encryption on laptops and other mobile devices that connect remotely to your network. This protects stored data if the device is lost or stolen, which is especially critical if sensitive information is involved.

3. Disable Auto-Connect on Smartphones

• Change smartphone settings to stop automatic connections to public Wi-Fi networks. This helps reduce the risk of accidental exposure.

4. Keep Antivirus Software Updated

• Ensure that all devices connecting to your network — including mobile devices — have up-to-date antivirus software installed.

How to connect REMOTELY to the network

When employees or vendors connect to your network remotely, it’s vital they use secure connections. Here’s how to ensure that happens:

1. Use WPA2 or WPA3 Encryption

• Require the use of routers with WPA2 or WPA3 encryption when connecting from home. These encryption standards protect information sent over wireless networks, ensuring it can’t be intercepted by outsiders.

2. Use VPNs on Public Wi-Fi

• Public Wi-Fi is inherently insecure, so employees should only use it if they’re also using a virtual private network (VPN). A VPN encrypts traffic between their device and the company’s network, making it much harder for hackers to access sensitive data.

What to do to MAINTAIN SECURITY

1. Train Your Staff

• Include information about secure remote access in regular staff training sessions and new employee orientations.
• Provide clear cybersecurity policies, distribute copies to your employees, and explain why following them is essential.
• Ensure that any device connecting to your network — whether at home or from a vendor’s network — meets your security standards before granting access.
• Educate your team on the risks of using public Wi-Fi and how to stay secure.

2. Equip Your Team with the Right Tools

• Require employees to use unique, complex passwords and never leave workstations unattended.
• Implement multi-factor authentication (MFA) for accessing sensitive areas of your network. This adds a layer of security beyond just a password, like using a temporary code sent to a smartphone or a physical key inserted into a computer.

What is MFA? Is it useful?

• If you offer Wi-Fi at your business location, make sure it’s separate from your internal business network.
• Consider setting up a VPN for employees to use when connecting remotely.
• Include specific security requirements in your vendor contracts, especially if they’ll be connecting to your network remotely.

With employees and vendors working remotely, securing your network is more important than ever. By enforcing strong security practices, keeping devices secure, and ensuring that your team understands the risks, you can keep your business protected from potential threats.

Stay tuned, stay secure, and let’s make Cybersecurity Awareness Month count!

*Article inspired by the guide “Cybersecurity for small business” written by the Federal Trade Commission (FTC).

——————–

We at APIS Consulting can assist you in enhancing your cyber security knowledge and IT security procedures. If you require any trainings, cyber security audits, to boost your IT security, or to outsource your IT security, you can get in touch with us via email at contact@apisconsulting.cn or by adding Antoine on WeChat using the QRcode below.

---