In recent months, we have seen an exponential increase in the number of business owners moving their employees to home working due to governmental health and safety recommendations. Whilst some members of staff may be used to working from home, either on an occasional or more permanent basis, for others, this is a totally new experience.
Some employees may have ample equipment at home to begin remote working right away, whereas others may need a little support in the way of equipment provision or management.
I know of several businesses who have allowed members of staff to take their work computer(s) home with them in order to streamline work processes and make the transition into home working as natural as possible.
During this time of uncertainty however, it is vital that we, as business owners are on top of our employee’s remote working security efforts.
Security Risks When Remote Working
Businesses must carefully consider the potential consequences to security when their teams are working from home in terms of access to systems and internal IT software. Essentially, each time an employee accesses your businesses’ data online, the risk of damage or corruption to that data grows.
When your team are working within an office environment, the risk is usually only between the server, internal network, and user device. When, however, we add domestic grade security systems and home internet routers into this mix, we once again see the risks to your business grow.
When evaluating your remote working security risks; as well as the technological threats, you as a business must also consider the potential physical risks to employee’s devices and in turn, your data.
Remote Working Security Tips
Physical Device Security
All devices should, as standard, have password protection, and you should set standard guidelines to all members of staff that if they live with others, they should lock their device if they are stepping away from their work space and are out of view.
Devices should be located in a secure part of their home, and if they are to leave the house, they should ensure the doors are locked, and lock or shut down any work devices left inside.
Provision of Remote Working Security Knowledge
If, as standard, you provide all employees with basic knowledge on how to work from home securely, they are more likely to make an active effort in maintaining this, with no excuse should they decide not to.
This education should include information around phishing emails and how to identify them, avoiding using Wi-Fi that others, outside their household may have access to, the dangers of downloading or installing third party apps without their employers consent and anything else you deem relevant to your business or staff members.
Separation of Work and Personal Devices
This point essentially comes in two parts, the well-being of your employees and the security of your business.
We recommend that all employees should have separate devices for work and personal activities. This includes both laptops/desktops, phones, and any other equipment they may have for either home or work use.
The reason behind this being firstly that it is important your employees have time to switch off, away from work and without the constant interruption of email or other notifications at the dinner table.
Secondly, however, and arguably more relevant to this blog, we recommend this to ensure that whatever malware could be present on the websites your employees use in their personal time is not a risk to your business security. This could include anything from an app they downloaded to make themselves look younger/older, to illegally watching a film they just couldn’t wait to see in the cinema.
Encourage Use of Secure Cloud Applications
When evaluating how to work from home securely or worrying about your employee’s remote working security, it can be easy to gloss over the importance of maintaining employee productivity. Sometimes, however, the two come hand in hand and that is certainly the case when it comes to the use of secure and approved cloud applications like Microsoft Office 365.
These systems protect your employee end points by ensuring that any vital or confidential information is not stored locally on their devices. We recommend Office 365, however it is important that whichever third-party cloud storage service you opt for is verified for use by your security team.
Install Threat Detection & Prevention Software
Every business should already have a standard practice in place for scanning employees work devices with some form of up to date malware detection tool as well as hopefully, a real time antivirus software.
This practice should not be abandoned simply because your employees are no longer in the office. Every week, you should encourage your team to scan their computers for threats using your choice of software and report back to you with any treats detected.
If you would like some additional support in ensuring your remote workers are as secure as they can be, then please do not hesitate to get in touch with a member of our team who will be more than happy to discuss your options.