Remote Work Requires New Security Policies

Most companies have moved to at least some combination of remote and work-from-home options, either as a response to COVID-19 or as a flexible benefit for employees. While you may have thought through some efficiency and communication standards for remote work, one area companies often forget to plan out is their security standards.

If you are already working with CentricMIT as your managed services provider we have probably already had a few planning sessions with you to work through your remote security policy. If you’re not currently working with us, we’d be happy to schedule a brief call to discuss your needs in more detail.

In the meantime, here are some starting places to help you minimize your security risks with remote workers.

Are all of your devices safe?

While cybercriminals make the headlines, sometimes it’s the old fashioned crooks who do the most damage. Often the first break in your security can come from a stolen cell phone or laptop. With employees working remotely, more of your sensitive data can find it’s way onto easily stolen devices. Be sure to instruct your team to keep an eye on their devices at all times, especially at coffee shops or at hotels which can attract opportunistic thieves. It helps to have mobile device management apps set up as well so that you can track, erase and recover lost mobile devices. Employees should be aware of snooping neighbors when entering their passwords or viewing data in public areas. When working at home, safety can also mean making sure your devices are free from kids, dogs, and spilled coffee.

Do you have a strong password policy?

Even if your device is stolen, a strong password can help keep the bad guys out. This is true of your web-based software applications as well, many of which can contain sensitive data. Good passwords are long, use a combination of alphanumeric and special characters, don’t use common words so that they aren’t susceptible to dictionary attacks and are unique to each system.

Is your security up to date?

It’s important to make sure your remote employees have the same protection you would provide employees inside your four walls. Every device should be protected with antivirus, firewalls, VPN and other encryption and basic web filtering and kept up to date for the latest in protection. If you don’t provide your remote employees with hardware, you might feel uncomfortable demanding they install your security applications on their own devices. You can at least have the discussion with your remote employees about security and let them know that they should not access sensitive systems and data unless they can assure you they are following your security protocols.

Is Wi-Fi secure?

Accessing systems on public Wi-Fi without a virtual private network (VPN) can open you up to hackers. It is not always possible to connect from trusted networks and even home networks can be vulnerable. Be sure to use a reliable VPN in all cases and also instruct your employees not to access business critical systems on public Wi-Fi networks. Of course, the same hold true for any use of public systems that you might find at a tradeshow kiosk, airport waiting area or public library.

Have you established email best practices?

For most employees, the vast majority of their work is conducted over email. Remote employees use email even more for answering questions when they can’t pop into the next cubicle or sharing files and data. If a cybercriminal gains access to email, they gain access to an enormous wealth of other sensitive data. It is important that you provide email security, encryption and management of your corporate email system. And as remote work increases in popularity, so do common phishing attacks. Be sure to carefully communicate email best practices to avoid unnecessary risks.

Do your employees use portable storage?

Your files contain your most critical data, but now more than ever they’re distributed across disconnected systems, devices, locations, and apps. We have worked with many clients on content management and file sharing systems that enable you to gain visibility and control across your entire enterprise while also improving employee experience and driving business advantages. If your remote employees are relying on USB thumb drives or other removable storage they are open to theft and malware that can easily be prevented with the right file sharing strategy.