COVID-19 and working from home securely: What you need to know

March 18 2020, by | Category: Government

COVID-19 image, coronavirus, working from home securely

 

The continued spread of the coronavirus has changed life as we know it. We are seeing more organisations elect to have their staff working remotely to reduce the impact on staff health, business operations and to slow the spread of the virus in Australia.

While this is an effective bio-security mitigation strategy, working from home will increase cyber-security risks.

How do organisations and their homebound staff reduce this risk? This article provides guidance on what staff and organisations need to consider to securely work from home.

For staff working from home:

  • Never connect over a public network (e.g. libraries, Wi-Fi hotspots). Connect only to your home network or tether through a work mobile device. This will reduce the risk of communications being intercepted.
  • Minimise personal use of social media and web browsing on work laptops and devices while working remotely. There may be an increased cyber-security risk with these activities while at home.
  • Do not allow family members to use work laptops or devices. This will reduce the risks from social media use, installation of third-party apps, and inadvertent browsing to malicious sites.
  • Where possible, use agency provided cloud storage for all data. This will reduce the risk of data loss if a work laptop or mobile device is lost or stolen.
  • Do not transfer work files to any personal devices; do not use USB storage devices.
  • Just like USB storage, avoid using any home printing or scanning devices. These can store copies of the documents printed on an unsecured hard drive.
  • Remote workers will be targeted by phishing campaigns. In particular, do not respond with haste to any “urgent” email requests. Confirm via non-email communication with the requester before taking any actions. Phishing campaigns will use urgency to take advantage of a remote worker’s lack of access to their greater team.

What organisations need to know:

Before any organisation allows users to work remotely, the following infrastructure should be in place to minimise cyber-security risks to the agency:

  • All access to agency networks/systems should be over Virtual Private Networks.
  • Remote staff will be a target. Prepare your staff by educating them on identifying and avoiding phishing attempts.
  • Where possible, use secure cloud storage for all data. This will reduce the risk of data loss if a work laptop or mobile device is lost or stolen.
  • All remote user access should require multi-factor authentication.
  • All user devices should have Endpoint Detection Respond software installed.
  • All remote devices should have firewall software enabled (e.g. Windows Defender Firewall).

Regardless of the organisation, remote staff and their additional devices will increase the strain on their IT infrastructure. Here at Macquarie Government, we can assist you with the right solutions including:

  • Secure file transfer and collaboration (to allow for classified documents to be safely shared)
  • Two-factor authentication (to help authenticate additional devices connecting to the network)
  • VPN
  • Internet bandwidth upgrades

If you require assistance please call 1800 004 943, option 4 for more information.


From the Blog

Budget delivers timely infrastructure, c...

13 May 2021 Macquarie Telecom Group (ASX: MAQ) has welcomed publication of the 2021-22 Federal Budget, particularly its focus on building critical infrastructure, bolstering cyber…

Read More

What makes a government cloud?

Since the release of the National Strategy for Cloud Computing in 2013, the Australian Government has continued its trajectory of cloud adoption for the significant…

Read More

The digital infrastructure you’ll neve...

In a secret location there is a Canberra data centre that’s a silent fortress and a cornerstone of the Australian Government’s digital transformation strategy. At…

Read More