Intelligent CIO LATAM Issue 37 | Page 48

FEATURE : REMOTE WORKING
7 . Rigorous access controls
To control access to sensitive data and minimise the risk of a security breach , employers should apply the principle of least privilege over access control – only allowing users access to the specific assets that they require for their work .
Files should be removed when they are no longer needed and access should be revoked as soon as it is no longer necessary .
8 . Provide employees with what they need
A major risk of remote working is that employees may implement tools , systems or habits that are not sanctioned by the company to make their jobs easier . This could include using risky apps and tools , sending files via unsecure channels , or storing assets somewhere unprotected .
The most effective way to avoid this risk is to provide remote workers with all the tools they may need to do their job effectively and ensure that they are aware of all the approved platforms that they have access to .
workers fully understand what the procedures are and why they are important .
In 2023 , over 352 million individuals were affected by data compromises , highlighting just how critical it is for organisations to provide employees with comprehensive training on what constitutes sensitive data and how they can protect it , as well as what is at stake if they don ’ t .
And training doesn ’ t have to be dull , for example setting up phishing email simulators to engage the team and allow them to see the potential dangers in action .
Regular training and guidance will ensure that remote workers are equipped to do everything they can to keep company data safe .
Venky Sundar , Founder and President of Indusface , said : “ Remote working means people are working in less secure environments and their devices are more exposed to data breaches both digitally and physically . Many remote workers are using the same device for professional and personal use or even accessing company data on devices shared with other household members .
It should be an integral part of security policies to approve web app purchases and free downloads , mitigating the risks that come with using a combination of open-source CMS and cloud-based apps .
“ Employers can no longer rely on the security strategies that were designed for in-office working ; data is no longer just being accessed under one office roof where IT can supervise .
9 . Fully prepare and train remote workers
Employees can implement endless security strategies , but efforts will be futile unless remote
“ It is crucial that employers prepare for this new way of working and protect themselves from vulnerabilities . Defences such as firewalls , pen testing and VPNs are more critical than ever .” p
48 INTELLIGENTCIO LATAM www . intelligentcio . com