I’m very fortunate in the COVID-19 situation. My job as editor of the AT&T Cybersecurity blog lends itself well to working from home. In fact, even before the virus I had the privilege to work from home some of the time – of course with a VPN and other security measures, on company equipment.
The biggest impact has been personal for me. I miss my colleagues at work. I miss the in-person laughs and socializing. This has been replaced with many online meetings where we take the time to chat and relax a bit before getting down to business. It’s not as good as in-person interaction for an extrovert like me, but it’s wonderful all the same.
Many others are finding it more challenging to work from home. I had the chance to speak to the sister of a friend who works for a small law firm (6 people) that previously didn’t allow employees to work remotely. With new work-from-home requirements, they had to adapt very quickly.
The Federal Consumer Credit Protection Act is a big concern to this small law firm. It provides valuable safety rights for consumers. On the flip side, it puts the onus on businesses to provide that these rights are protected. Definitely something to consider in erring on the conservative side and requiring employees to work in the office for the sake of security.
The main driver for requiring people to work in the office was data security. Fear of the cloud was holding them back. Larger companies have been using cloud-based applications and allowing remote work for years – but this is not the reality for many small companies. Although this company already had great policies, including not storing information such as social security numbers of clients in their records, cloud-based applications and remote work were a bridge too far for the firm. Until Covid-19, which forced them to cross that bridge.
COVID-19 forced innovation and protecting client security to the forefront. It forced them to cross an uncomfortable bridge.
They had to make the transition in literally a week. Schools were closing down and since most employees in this firm had kids, there was no option. They were fortunate to have a technical office manager who required very little third-party support from an IT contractor to make it happen. She was able to get the Office 365® suite in the cloud for everyone and set up ONEDRIVE® in a few days.
While this was a tough change, there are upsides. Avoiding a 45-minute commute each way was a bonus. Working at home with small kids – wow, a challenge. But manageable.
I believe COVID-19 will impact us going forward in unexpected ways. For this small law firm, once it’s proven that it works to allow employees to work from home securely, how many will change their policies even after the virus is defeated? It will be interesting to see.
Helpful ideas for small companies
Many small companies are in this position now. Remote endpoints are a tempting target for hackers Here are some helpful ideas:
- Require employees to use a VPN and have them use only company equipment for work. Company equipment shouldn’t be used by non-employees.
- Require Multi-factor authentication for critical application access.
- Provide that any video conferencing tools and applications are password-protected.
- Pre-install strong endpoint protection on company-owned devices.
- Get help from your cloud application providers. This legal firm was walked through moving to the cloud by their billing software company.
- Implement backup and restore best practices. In the case of ransomware especially, this can be a lifesaver.