Cybersecurity in teleworking

Most teleworkers use remote access, for example, via VPN, remote desktop, etc…. When teleworking, other terminals are often used, also known as endpoints, such as desktop computers, tablets, laptops, smartphones, which can compromise the security of teleworking, since we are accessing our organization’s computing resources from different external locations. of the company’s facilities.

Hence, it is necessary to take into account different measures necessary to guarantee secure remote connections or protect work devices, in short, to have a safe teleworking environment.

Establishing an organizational policy that defines the rules to be met in the different scenarios or regarding the use of the different systems or access methods is important if we are talking in terms of cybersecurity.

Bearing in mind that each organization will have its particular needs, in general it is recommended that the organizational or teleworking policy address the following elements:

• Take control of users who, due to their profile within the company, have the option of teleworking.
• Procedures for the request and authorization of teleworking.
• Applications and resources to which each user has access to carry out their work depending on the role they play in the company
• Secure access mechanisms through strong passwords, highly recommended and with double authentication factor, and that force periodic changes.
• Configuration or minimum that the devices from which secure connections are established must have, for example, operating system, antivirus, updates, etc…
• Protection of company data through procedures and technology to encrypt information supports.
• Use of secure connections through a virtual private network.
• Train employees before teleworking.

Whether we work at the company’s facilities or telework, we must ensure information security as the main asset in our organization.

Source: INCIBE