Photo - Michelle Ong, Fortinet's Country Manager for Malaysia.
Network security specialist Fortinet has urged Malaysian companies to enhance the security of remote work environments as more employees are working away from the office.
Michelle Ong, Fortinet's Malaysia country manager, said, "Many Malaysian organisations are shrinking their office spaces and expanding their employees' ability to work from home."
"In this exceptionally mobile world, 'home offices' can literally be anywhere that isn't company property," said Ong. "Therefore, organisations in Malaysia need to take the security of their employees' home offices seriously."
She said that organisations should reassess the IT security needs of its remote workers. "Companies should create a written policy on personal devices, home offices, and remote access to company networks and assets."
Wireless connectivity gives employees access to their corporate network from wherever they are working, said Ong. "Securing the home office is really about taking a holistic approach to endpoint security and remote access rather than making sure employees have something more than WEP securing their wireless routers at home," she said.
Ong said Fortinet has issued an advisory with the following six practices to securing a remote work environment:
1. Use a VPN: No matter how an employee accesses corporate resources, if done with a correctly implemented VPN tunnel, content moving to and from employee resources will be secure.
2. Enforce client antivirus installation and updates: Multi-layered approaches to security are critical to ensuring their effectiveness, both within corporate networks and outside of them. At the same time, it can be difficult to ask users to protect themselves or their employers' networks. Running antivirus updates and OS patches tends to fall fairly low on their list of priorities so implementing services that enforce automatic updates on clients outside of corporate networks is a must for remote workers.
3. Prevent the use of consumer cloud storage products: As consumer cloud storage products like Dropbox and Google Drive have become more full-featured and easy to use, it becomes very tempting for users to simply upload work files to the cloud. Unfortunately, when employees leave a company, there is no way for employers to ensure that corporate assets don't stay on that desktop computer in the ex-employee's home office. Preventing access to these services while employees are on the network provides a layer of protection and control, not to mention regulatory compliance for many industries.
4. Provide platforms that avoid the use of removable media and facilitate secure collaboration: Of course, if users can't upload their files to their personal cloud-based storage account, they'll be tempted to load them onto flash drives or other removable media to access them at home.
Sign up for CIO Asia eNewsletters.