The outbreak of the COVID-19 pandemic has changed the way we work forever. While employees in some parts of the world are returning to the office, other companies are sticking to remote or hybrid teams, after realizing the benefits during the depths of lockdowns.
However, business owners are often left scratching their heads when weighing up these benefits against the security risks attached to operating remote teams. A Cost of a Data Breach report by Ponemon uncovered the fact that 76% of companies believe that remote work increases the time to identify and control a data breach.
2019 was a record year in terms of global data breaches, with over 4 million records exposed. Throw into the mix the fast digitization and need for remote workers, as caused by COVID, and concerns about security are high. The good news is that you can make sure your remote or offshore teams are secure.
Starting off on the right foot
With the WFH trend likely to continue, more businesses are now happy to hire remote workers on an indefinite basis. When choosing to close the gap by hiring offshore talent, be sure to work with an outstaffing service provider that takes security seriously from the outset. Here at Double Yolk we have several measures in place to ensure a safe remote work environment:
Employee background checks
Comprehensive background checks on all developers should be carried out. This should include police checks, credit checks and reference checks as a minimum.
Solid security processes
It’s easier and faster to cut corners when it comes to security – but it could be something you end up regretting. All parties should be clear on the best practices to protect data and privacy at all times. Get NDAs and a Code of Conduct signed, and ensure developers are well-trained on how to identify and mitigate security threats.
Secure equipment
Having the right equipment and keeping it updated can keep your data safe. At Double Yolk, for example, we take the following steps to make sure our developers only work on high-security systems:
- Encrypt laptops with BitLocker 256-bit.
- Keep laptops updated with firewall and antivirus upgrades.
- Utilize remote-wipe systems in case systems are compromised.
- Install endpoint detection on laptops to pick up any suspicious behavior.
- No use of cold storage, so data cannot be removed from the laptop using a hard drive or USB.
A suitable access plan
Establish the access plan that best suits your needs, based on your tech environment and data sensitivity.
Set up two-factor authentication
Two-factor authentication (2FA) provides an extra layer of defense in addition to passwords, which can become compromised. Passwords are notoriously weak and easy to steal (78% of Gen Z use the same password across multiple accounts) and 2FA requires additional verification. This could be in the form of hardware tokens, a code sent by SMS, biometrics, location or something else.
Most development tools enable the easy setup of two-factor authentication, so make it compulsory for remote workers to set this up to deter hackers.
Use a VPN
A VPN (Virtual Private Network) creates a private network through a public internet connection and hides your Internet Protocol (IP) address. Have your remote developers connect to your cloud environment or on-premises servers using a VPN. This encrypts the data that comes from their computer, rendering it useless to potential hackers.
Utilize virtual machines
A Virtual Machine (VM) is essentially a “virtual” software-based version of a computer. It works like a normal computer but exists only as code, and its software can’t interfere with the computer’s main operating system.
When your offshore developer operates from a VM, you can exercise tight control over the services they need to access. Standardization of the configuration of your virtual computers enables you to remove limitations of hardware or software that your remote developers may face on their computers.
Leverage a Bastion Host
A Bastion Host is a server configured to block unwanted attacks while permitting access to traffic you trust. Bastion hosts are used in cloud environments to enable access to a private network from an external network, which is why they’re so useful in remote working environments. Leverage one as the gatekeeper to your Virtual Private Cloud, and ensure your protected environment stays exactly that – protected.
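The gatekeeper property described above can be checked mechanically. The following is an added example, not Double Yolk's code: a Python audit over a constructed list of inbound allow rules that flags any administrative port reachable without passing through the bastion. The addresses, the rule format and the names `audit_rules` and `SAMPLE_RULES` are assumptions for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the article).
BASTION_IP = "10.0.0.10"           # the bastion host
VPN_RANGE = "198.51.100.0/24"      # documentation range standing in for VPN egress
PRIVATE_SUBNET = "10.0.1.0/24"     # hosts that must sit behind the bastion
ADMIN_PORTS = {22, 3389}           # SSH and RDP

# Constructed inbound "allow" rules in a simplified, hypothetical format.
SAMPLE_RULES = [
    {"name": "bastion-ssh-from-vpn", "dest": "10.0.0.10/32",
     "source": "198.51.100.0/24", "port": 22},
    {"name": "app-ssh-from-bastion", "dest": "10.0.1.0/24",
     "source": "10.0.0.10/32", "port": 22},
    {"name": "db-ssh-from-anywhere", "dest": "10.0.1.25/32",
     "source": "0.0.0.0/0", "port": 22},
    {"name": "bastion-rdp-from-anywhere", "dest": "10.0.0.10/32",
     "source": "0.0.0.0/0", "port": 3389},
    {"name": "app-https-public", "dest": "10.0.1.0/24",
     "source": "0.0.0.0/0", "port": 443},
]


def audit_rules(rules, bastion_ip=BASTION_IP, trusted_range=VPN_RANGE,
                private_subnet=PRIVATE_SUBNET, admin_ports=ADMIN_PORTS):
    """Return (rule name, reason) for each allow rule that bypasses the bastion."""
    bastion = ipaddress.ip_network(bastion_ip + "/32")
    trusted = ipaddress.ip_network(trusted_range)
    private = ipaddress.ip_network(private_subnet)
    findings = []
    for rule in rules:
        if rule["port"] not in admin_ports:
            continue  # only administrative access is in scope here
        src = ipaddress.ip_network(rule["source"])
        dst = ipaddress.ip_network(rule["dest"])
        if dst.overlaps(private) and not src.subnet_of(bastion):
            # Private hosts should accept admin logins from the bastion only.
            findings.append((rule["name"], "private host reachable without bastion"))
        elif dst.overlaps(bastion) and not src.subnet_of(trusted):
            # The bastion itself should accept logins from the trusted range only.
            findings.append((rule["name"], "bastion open beyond trusted range"))
    return findings


if __name__ == "__main__":
    for name, reason in audit_rules(SAMPLE_RULES):
        print(f"{name}: {reason}")
```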
Connect through a proxy server
Double Yolk offers a proxy server that your developers can connect through, so you can work together in the confidence that your server is protected by a proxy firewall. We test our servers regularly for vulnerabilities, including having them pen-tested every 12 months by a third party.
Proxy servers act as a gateway to the internet. Make sure your internal network is protected from threats.