You Still Need Great Cyber Security Even When You Are Working Anywhere

Following my blog on Tuesday about VPNs and security when “working anywhere”, including on holiday, here is a revised version of an article I wrote during Pandemic Lockdown #1. These were tips for organisations moving their operations to employee homes for the first time, but these can easily be adapted for the ongoing hybrid work anywhere situation we find ourselves in. For instance I have friends who work in London, and during the recent rail strikes their employers switched to home working for the strike periods as it was something they had done before.

Here are some of my top tips for working from anywhere:

Be Effective…

To work effectively as a team use tools that easily enable collaboration. Too many unconnected systems will make it difficult for your people. Look for integrated solutions.

…but be secure

You need to be confident that your information is secure but easily available to your team. Cloud SaaS solutions are the obvious solution – but whatever you use make sure it has:

Authentication – Authorisation – Accountability

These are the cornerstones of good governance for a responsible company. For example Microsoft 365 for Business meets the Triple A standard. I have successfully used the Microsoft systems many times to carry out cyber security reviews and investigations for clients.

Have written policies and procedures.

This is not an exhaustive list but as a start you will need at least these:

  • How personal devices are used – BYOD
  • Home router set up
  • Printing
  • Lone worker policy with reporting
  • Sharing of information
  • VPN
  • Café/hotel/train/plane etc working
  • Working time
  • Use of company equipment

Equipment – yours or theirs?

Working from anywhere is not just a cheap option for the company. For the best governance and accountability, the company should provide the laptop or desktop. Smartphones and tablets are more of a challenge as it has become the norm for employees to use their personal devices for business. This is where your policies and procedures and the security functions of the tools you use become very important.

This is not an exhaustive list; it is a start. If you grade your and your team’s work-from-anywhere habits, do they make the grade or fail. If there is a problem, then it is time to get some advice to tighten up your cyber security.

This is where you contact us if you want an hour with me, by Teams, to discuss the issues raised by the blog post.


Clive Catton MSc (Cyber Security) – 
by-line and other articles

Next: Let’s look deeper at AAA