Armed with their laptops and some rudimentary training, that new army of telecommuters were left to their own devices, forced to set up home offices, act as their own tech support and somehow protect the intellectual property of their employers. Is it any wonder targeted phishing attacks and ransomware demands came rolling in?
The simple answer is no, and now businesses are seeing the results. Now that the dust has settled, it’s time to revisit the best practices that can make working from home safer and more secure. And since October is Cyber Security Awareness Month, now is the perfect time to introduce and reinforce those lessons.
Best Practices for Working Remotely
Here are six best practices all home-based workers can follow to secure their data while working from home.
1) A Secure Internet Connection
When you work from home, you are entirely reliant on your internet connection, and the safety of the data you work with is only as good as the security of your connection. If you want to work safely at home, you need a secure internet connection that is safe from prying eyes.
Work from home employees should ideally use a virtual private network (VPN) or a LogMeIn product to connect to the company network. These products create a secure tunnel through the internet, protecting intellectual property and proprietary data from unauthorized access.
2) Control Access to Company-Owned Devices
Access control is critical for all home-based workers, but maintaining that control can be difficult. In office-based environments access control is relatively easy, but at home there are roommates, spouses and children to worry about.
It is important for businesses to secure the devices home-based workers will be using. They can build in automatic screen locks, robust passwords and other safety measures. Encrypting hard drives and changing from default passwords and multi-factor authentication are additional steps businesses can take to protect work related devices – regardless of what environment they are used in.
3) Determine the Access Devices Have to the Business Network
The devices your home-based workers use will obviously need access to both the internet and the company network, but the level of access they are granted matters a great deal. Allowing those devices too much access or a higher level of access than is absolutely necessary is extremely risky.
It is best to follow the principle of least possible access when it comes to connected employee devices. Workers in the accounting department, for instance, do not need access to files created by the marketing team.
4) Consider the Endpoint
Security for home-based workers is a multifaceted issue, and it demands a multifaceted approach. If you want to keep your workers and data secure, you need to make sure the endpoint is properly protected.
If you have adopted a bring your own device (BYOD) strategy for your remote workforce, you will need a plan to secure those devices, including applying updates and running antivirus and anti-malware software. If workers are using company-provided devices, you will need a plan to keep those devices secure and up to date as well.
5) Backup Your Data – and Test Your Backups
No matter where your workforce is located, it is critical to back up your company data on a regular basis. If you do not have a solid backup plan in place, you are living on borrowed time, and sending your workers home will make an already bad situation that much worse.
It is vital that you have a backup plan in place that includes daily backups, real time backups for your most vital files and ongoing testing of the backups you create. It is not enough to have those backups; if you want to protect your business, you need to know those backups are working the way they should.
6) Keep Business and Personal Devices Separate
When employees are working from home, there is a strong temptation to simply use the devices they already have. Some companies have reinforced this, drawn by anticipated cost savings and other supposed benefits. Even so, there are real reasons to keep business and personal devices separate, including enhanced security and a reduced risk of outside intrusion.
If you are looking for an easy way to enforce that separation, Maas 360 could be the answer. Maas 360 is a product designed to handle mobile devices and laptops, and once the solution is implemented you will know what is happening with everything installed on that device.
Whether your kids installed software for their online classes or your spouse downloaded a sports betting app, Maas 360 will make the appropriate adjustments.
A remote, home-based workforce can have a number of benefits for your company, but there are risks as well. Hackers are already targeting telecommuters with phishing attacks, and the problem is only expected to get worse.
If you want to protect yourself and your remote workforce, utilize these six best practices and contact us if you need guidance or support.