Allowing employees to work from home is one of the ways to combat the spread of COVID-19. It’s good to safeguard your employees, but are you doing so at the expense of your business’s cybersecurity?
In this post, we’ll look at the steps to take before you allow your employees to work from home.
Educating Employees
Most employees understand the dangers of clicking on links online. Do they fully appreciate the risks out there, though? Are they disciplined enough to avoid these dangers when they’re not being supervised?
Ransomware, for example, is often delivered through attachments like Word or Excel documents and spreadsheets.
Your employees know better than to click on files from unknown sources. Do they also know that they should also always verify the address of the sender from sources that they recognize, though? Phishers often use an email address that’s almost identical to the one that they’re emulating.
It could be something as simple as changing an “I” to an “L.” If you’re in a hurry, would you notice the difference?
Physically Securing Your Company’s Devices
Remote working cybersecurity seems simple enough. Providing your employees with a company-issued device ensures that they have organization-level security in place.
It doesn’t, however, do anything to prevent the device from being stolen. There’s also nothing stopping other people in the home accessing the device.
Start by encrypting the data on the device. This forms a dual purpose. If someone steals the laptop, they can’t access the data. Should a hacker gain access remotely, the encryption provides another layer of protection.
Strong Passwords and Multi-Factor Authentication
Do enforce strong passwords on booting up. Also, ensure that the computer times out after a relatively short period of inactivity. Add in two-factor authentication to provide additional protection against remote users.
The Employee’s Home Internet Connection
How secure is your employee’s home internet connection? How up to date is their software or firmware? Do they have a strong password on their connection? Do they use the default password? Are there smart devices that connect through to the same connection?
It’s worthwhile having all your employee’s networks scanned with a home monitoring app. This will highlight potential security issues.
Take the further step of having your employees create a guest network on their systems. This should be named something generic, like “Red.” The guest network’s names shouldn’t have anything that indicates that it’s a work connection.
This network mustn’t connect through to any devices not strictly necessary for work. At most, allow it to connect to a printer if essential. This helps to reduce the chance of the work computer being infected because it was linked to the smart bulb in the lounge.
Next, the employee must set a strong, unique password for that network. They mustn’t share this password with anyone.
Final Notes
Allowing employees to work remotely where possible can increase productivity. Take full advantage of this trend, but do ensure that your company data is secure first. By following the steps we’ve outlined, and creating a clear policy around remote working, you can maintain data security.
