The past few months have proven that it’s possible for businesses to switch operations from physical to digital.
The COVID-19 pandemic has prompted governments in different parts of the world to impose home quarantine measures, leaving businesses, regardless of size, no option but to adopt the work from home model. Last May, Jennifer Christie, Vice President for People at Twitter announced that Twitter employees can work from home forever.
“The past few months have proven we can make that [work from home] work,” Christie said. “So if our employees are in a role and situation that enables them to work from home and they want to continue to do so forever, we will make that happen.” Twitter is in a unique position to transition its business operations from physical to digital, Christie said, given the company’s emphasis on decentralization and supporting a distributed workforce capable of working from anywhere.
Starting in mid-March, as a response to the COVID-19 pandemic, various levels of government in an effort to protect public health imposed travel restrictions, business closures and physical distancing measures. These measures which amounted to an intentional shutdown of the economy, Statistics Canada said, had resulted in an unprecedented shock to the Canadian labor market, including employment losses of more than 3 million.
As of May 2020, Statistics Canada reported that the number of Canadians who worked at least half their usual hours and who worked from home reached 4.9 million. As restrictions gradually ease in various parts of the country, Statistics Canada said, “For some Canadians, recovery from the COVID-19 economic shutdown will mean continuing to work from home ….”
The number of Canadians who worked from home in May 2020 is close to Statistics Canada’s April 2020 data of 5 million Canadians working from home. Statistics Canada said that in April 2020, out of the 5 million who worked from home, 3.3 million worked at a location other than home. “It can be reasonably assumed that these workers changed their workplace in response to the COVID-19 economic shutdown,” Statistics Canada said.
Move from Physical to Digital Operation
Here are some of the best security practices in continuing to adopt the work from home model or if your small company plans to switch operations from physical to digital:
- Security Patch
Patch is the term used for a set of code inserted (or patched) to an existing software program to fix known security vulnerabilities. A patch is important as software programs aren’t perfect. Along the way, security researchers, software vendors themselves and cybercriminals could find loopholes in the code of the software, leaving the software exposed to cyberattacks.
When buying a new software, always ensure that the software vendor offers regular and out-of-band patches. Regular patches refer to patches that are released on a regular basis, out-of-band patches, meanwhile, refer to patches that are released other than the regular release time.
- Secure Data Backup
Backup is a fail-safe measure in case something prevents your organization from accessing data stored in the cloud or local drive. Practice the 3-2-1 backup rule. This rule requires three (3) copies of your data, two (2) backup copies on different storage media, and one (1) of the storage should be located offsite such as in the cloud.
- Secure Remote Access
Secure remote access to your organization’s network and cloud accounts with multi-factor authentication – a security feature that goes beyond the traditional single-factor authentication, referring to the commonly used username and password combination. The use of multi-factor authentication protects your business IT infrastructure from brute-force attack – a type of cyberattack that uses the trial-and-error method in guessing the correct username and password combination.
It’s important to note that there are available resources online that make it possible to bypass multi-factor authentication. As such, added layers of security measures have to be in place to protect your business IT infrastructure.
In addition to multi-factor authentication, limit access to your organization’s network and cloud accounts via VPN, short for virtual private network. Like multi-factor authentication, VPN adds an extra layer of protection for your organization’s network and cloud accounts. Be sure to apply in a timely manner patches to VPN.
In light of the on-going COVID-19 pandemic and people moving on to working at home, cybercriminals are actively exploiting known security vulnerabilities in various VPN products. It’s also important to choose a trusted VPN product as there are fly-by-night VPN vendors out there whose only aim is to steal customers’ data.
The Canadian Centre for Cyber Security has this added advisory when allowing workers who work from home to remotely access your organization’s work server: “Your organization should assess what data is sent and accessed through a VPN and the value of this data to understand the risks associated with using a VPN. Your organization should have clear policies for employees who use a VPN to remotely access a work server.”
- System Logs
A log is a record of events that take place within your organization’s networks and systems. Logs play a vital role when it comes to diagnosing problems into your organization’s networks and systems, such as unauthorized access.
- Cyber Incident Response & Management
In switching business operations from physical to digital, always assume that your business will be attacked. Cybercriminals are relentless in their pursuit to gain financial advantage or simply to create chaos. Having a clear cyber incident response plan on what to do in case something untoward happens to your organization’s IT systems, networks and cloud accounts is important.
At GenX Solutions, we’ve helped hundreds of businesses and business users across Canada successfully migrate to and support remote work arrangement.
Save valuable time, money and resources when you contact us today for a free, no obligation evaluation of your business requirements. Call now (416) 920-3000 or email us at email@example.com