In recent months we have seen how coronavirus has altered the traditional working model of many companies. We can always talk about Google, Microsoft or similar examples of companies that were already very advanced in teleworking.
But, in this blog, we will focus on generally non-tech companies that in many cases were moderately prepared for this new work scenario and in others have had to quickly adapt technologically via a digital transformation with a significant risk to productivity
“A study published by EAE Business School relating to the impact of coronavirus indicates that, in April, teleworking in Spanish companies grew by 88% compared to 4% before the pandemic” (source: El País newspaper). If we look at this data and consider the future evolution of the virus until there’s a cure, it is safe to say that teleworking is here to stay and therefore requires a future model for implementing it that ensures productivity is not affected.
Teleworking brings a range of benefits
- A reduction in travel and pollution
- Savings in company and employee costs
- More flexibility in work organization
- Greater autonomy for the employee
- Opportunity to recruit and use talent from anywhere
Obviously, for teleworking to be feasible, the job role/activity must allow it, the employee must be capable of understanding and adapting to a new situation with the necessary motivation, and the right technology tools (hardware and software) must be available. Above all, the company must encourage improvement in all internal communications processes.
Technological teleworking requirements
- High-quality internet access with QoS mechanisms on shared networks
- Collaboration tools (like MS Teams, Slack, etc.)
- Virtual desktops, IP video conferencing systems
- Security mechanisms
- Remote support and assistance
Of these, all are relevant to a remote worker’s success, but particularly worrisome for companies is the issue of security – since not only the person carrying out their tasks can be affected, but the whole organization. And keeping workers outside a controlled office environment requires exceptional measures because while the tools for connectivity are relatively easy to obtain and deploy, productivity can plummet due to a lack of corporate security protocols.
What weaknesses are common in teleworking?
1. Physical security of company devices
Laptops, tablets and mobile devices may hold large amounts of confidential corporate information, and all these devices are highly susceptible to theft or loss in shared or public workspaces. Data protection mechanisms such as hard disk encryption, USB token or even secure password policies at startup are simple proposals available to all corporate IT departments.
2. Access to company networks
Most people use the internet to connect to company resources without conducting a basic vulnerability audit in their own connection environment.
The common resource is the Wi-Fi connection; open networks should be avoided wherever possible and an encrypted VPN should always be used for teleworking.
If the teleworker is using a device that does not belong to the company (as in the case of BYODs), security can be greatly increased by adding a remote desktop solution to the VPN, since this ensures that applications that have not passed the company’s security department criteria are not used.
When you cannot use the home network for teleworking, or any other network deemed a safe alternative, a 4G or 5G mobile data network should be used. By default, this type of network has several security measures to protect information going to and from the device, making it a reliable communication channel.
3. Software tools
It is obviously important here to allow access to email and permit the use of collaborative tools and cloud services while protecting our system against cyber attacks using antimalware, firewalls or antivirus solutions.
The use of virtual machines in the work device can be considered as a potential solution. This keeps the employee in a controlled environment and limits the exposure of the company network to the home environment. Although this solution is somewhat more complex to configure and deploy, it could provide a higher level of security long term.
4. Social engineering attacks
Here we are mainly talking about emails and URLs to unsafe websites that allow malicious software (malware) to enter the device or steal potentially confidential information (phishing).
Any workstation requiring access to information on the internet outside the VPN must be protected from the user visiting unsafe webpages. Web-filtering solutions have been developed with dictionary-based corporate policies that will only allow connection to sites that do not present a documented potential danger.
By using the simple rules mentioned above, you can avoid the kinds of menacing developments arising from security problems. Almost all ICT solution providers have a product portfolio that allows them to deliver key-in-hand solutions to companies, to be able to offer a reliable, safe service that does not affect productivity.
Teldat, specialized in manufacturing access equipment, can offer its customers a range of connection packages that are secure and easy to deploy for users. The product range also features content filtering solutions with configurable policies that enable teleworkers to access only those sites their company deems safe.