Security Safety Tips for Working Remotely
As we head into the holiday season, many of our clients will be headed out of the office for extended periods of time to celebrate with their families. These clients will be working remotely while their offices experience holiday shutdowns. Two of our most popular services are setting up virtual desktop infrastructure and VPNs (virtual private networks) both of these help our clients with giving their employees a safe and secure way to work remotely. Even if you are not having a holiday shutdown but you are planning to institute a remote work policy, this article will explain some security safety tips for working remotely.
Preconfigure your work from home and remote work policy for your employees.
Before you implement work from home or even if you currently allow it, your security should be tested. After security is assessed and improvements are made, a policy on remote and home-based work should be published and distributed to all employees. You can read more about writing a remote work policy here. After the policy is read and signed, employees should be given IT approved and secure company issued laptops. We will talk about why this is relevant further on in the article.
What kind of WiFi is the most secure for remote work?
When an employee opts for the ability to work from home, they should have at least a WPA2 encryption to work off of. Outdated security protocols such as WEP and WPA can be more easily hacked and are considered much less secure. Your employee should also always use a VPN. This creates a secure connection for sending and receiving data. VPNs also hide your IP address so that your online activity is hidden.
Phishing scams and remote work
Phishing attacks are becoming increasingly more sophisticated and harder to spot. They typically involve hackers who send emails that appear legit and credible but if the victim clicks on the link, they can be fooled into sending the hacker sensitive data such as bank details or credit card information. Phishing is a truly relevant problem during the holidays. Employees who are online shopping for gifts may accidentally open a phishing email from their favorite “retailer” and end up infecting the entire company network with malware.
Secured email can often pick up phishing emails but it is important that your employees get the proper training on how to spot phishing emails. Cybersecurity awareness training is usually the best option for training employees on how to avoid falling victim to phishing attacks. Keep in mind that some phishing attempts may also come via phone or from text messages, but this training will also help employees spot these scams as well.
Can employees use their own computers for remote work?
Many employees opt to use their own devices when working from home, but this poses a significant risk because many of these personal devices store data that is not protected. Providing employees with laptops and other equipment that is secured and encrypted can go a long way in protecting sensitive data.
It is a best practice to ask employees to only conduct work related activity on the devices you provide. Employees that use their company device to read personal email or to shop online may open the door to the company network being infected with malware or ransomware. Employees should also be the only ones to be using the company device. Household members should not have access to the machine.
Make sure employees are using multi factor authentication when working from home or remotely.
MFA or multi factor authentication has become a staple of many websites and internet-based services. Multi factor authentication is also known as two factor authentication. Make sure that employees know that they should not rely on passwords alone and should utilize authentication apps such as Microsoft Authenticator or Google Authenticator. Passwords tend to get reused, leaked, or hacked so it is best now to have a back up method.
Cloud storage and remote work
If your company uses cloud storage, all employees should use it especially when they are working from home. Cloud storage ensures that if company data or files are lost, destroyed, or compromised, you are more likely to have the back up of it to restore. Cyberattacks, power outages, and natural disasters are all common causes of data loss, therefore, implementing DRaaS or disaster recovery as a service will ensure your data is regularly backed up in the cloud and safe. Just make sure that employees know how to properly back the data up to cloud storage. Documents that are stored in the cloud are also safer because they are protected by a firewall that is attached to it.
Make sure employees are kept aware of any changes or updates in your company’s security guidelines.
Employees should always be kept aware of any new threats that IT or your managed service provider notices. Even if they are working from home, it is important to keep them up to date with security related information. You should also encourage employees to be upfront about any suspicious emails or unusual activity they notice. Employee equipment should also be kept up to date with the latest antivirus software and other helpful security tools.
We hope you enjoyed our security safety tips for working remotely. Contact us to learn more about how we can help your business set up a successful remote work plan.