fbpx
0

Maximising data protection for secure remote working

By John Michael

The dynamic of the workplace has shifted. A hybrid or flexible model has become the preferred method of working for millions of employees, with remote capabilities allowing greater freedom to collaborate and innovate outside of the confines of the 9-5 office. Yet, despite its many benefits, remote working raises questions about data vulnerability.

Rising cybercrime and the emergence of ‘ransomware-as-a-service’ means that the safeguarding of company and personal data has never been more critical. With data being regularly moved between home, fixed office and even a co-work space, it’s imperative to consider security hygiene and how it can be improved if the hybrid model is to succeed long term.

Transport files securely

The demand for flexible working means a growing number of devices that are potentially on the move, rather than being kept at a permanent desk within a fixed office. The likelihood of a device being left or stolen, therefore dramatically increases, potentially placing sensitive files and company data directly into the hands of a malicious threat actor.

The demand for flexible working means a growing number of devices that are potentially on the move, rather than being kept at a permanent desk within a fixed office. The likelihood of a device being left or stolen, therefore dramatically increases, potentially placing sensitive files and company data directly into the hands of a malicious threat actor.

Encrypt data in the cloud

The cloud is often the preferred option for remote workers to connect and collaborate. However, concerns over cloud security mean that a business might hesitate to utilise its services for data storage. To ensure total privacy, data must be encrypted, but this requirement for encryption cannot be dependent on the cloud service provider (CSP) where the encryption key is stored in the cloud and therefore accessible to hackers and cloud staff alike.

The solution is to remove the encryption key from the cloud and physically store it within a PIN authenticated external USB module. This allows users to access data stored in the cloud, while also being able to securely encrypt information from a local computer, a network drive, or sent via email or file sharing service.

Centralise data management

Multifactor authentication is a highly recommended best practice for data protection compliance. If a hacker were to obtain a cloud user’s credentials, the breach would go unnoticed to the cloud service provider as it wouldn’t be able to differentiate a legitimate user from an attacker. The encryption module increases security measures to as much as five-factor authentication.

Use of an encryption module by authorised staff will reduce the risk of data loss due to human error but doesn’t eliminate the possibility entirely. This is where central management is needed, enabling those responsible for cloud and data security to monitor file activity, set geo-fencing and time-fencing restrictions, encrypt file names and disable users’ access to data remotely.

Back up sensitive information

Regularly backing up encrypted files is essential best practice. Using a 3-2-1 strategy, for example, means having at least three total copies of the data, two of which are local but on different mediums, and at least one copy stored off site.

Consideration should also be given to the means of data storage. A PIN-authenticated, encrypted USB flash drive or HDD/SSD with an on-device crypto-chip and AES-XTS 256-bit hardware encryption offers the highest levels of protection. Adding an extra layer of security, such as a secure microprocessor that is Common Criteria EAL5+ Certified, utilises physical protection mechanisms designed to prevent a wide array of cyber-attacks.

Retaining full responsibility for data encryption and management will contribute to maintaining business continuity, helping managers uphold staff compliance to data protection regulations and eliminating any complexity associated with flexible working models. This ultimately results in peace of mind and safer data.

Learn more about improving data security.