Remote services such as a VPN, or Virtual Private Network, that allow a user to work from home are an increasingly attractive option to employees within today’s challenges with the Coronavirus. But they come with security challenges.
If you are considering implementing a work from home work force, Data Integrity Services strongly recommends that the following action items are addressed:
- Create a remote user policy that the employee signs. If you are in need of a formal policy, contact Data Integrity Services for a template that can be used.
- The remote users’ device should be dedicated to the employee and should not be used by other family members.
- Family members like to play social games and access unsecured sites. This can lead to potential malicious traffic and attacks.
- Keep your work separate! Nearly one-third of users utilize their company computer for personal use. It not only affects productivity but invites security threats. Your company device should only be used by you and keep personal tasks off your business laptop.
- Avoid Public WiFi
- A lot of people like to work in cafes which have public WiFi. This is a very dangerous way of working because it means that hackers can target your computer if they are on the same network.
- Use Strong Passwords
- Strong passwords ensure that if a laptop is stolen or lost that hackers can’t get into it. They also help to protect your online accounts.
- Remember to use unique passwords for different applications.
- Data Integrity Services recommends using 2FA (two-factor authentication) on all remote devices. Contact Data Integrity for our recommended solution.
- Whether your organization owns laptops that your employees will take home or if your employees are utilizing their own, make sure that effective and up-to-date security protection is installed on the device.
- Data Integrity Services recommends that all remote devices have the Windows firewall turned on, Sophos Intercept X Advanced A/V, device encryption, and patch management applied.
- Encrypted Emails
- Encrypt your emails so that hackers can’t read your business emails. Install applications that ensure the protection of your emails.
- Enforce reasonable session time-outs for sensitive programs or applications.
- A user should not have to reconnect after walking to the kitchen to pour a cup of coffee, but at the same time you cannot trust everyone to always log out for the day.
- Limit program/file access to only the areas absolutely needed by that employee.
- Reserve the right to terminate employee access at any moment.
- Train employees on best practices.
- Consider requiring the end user to attend a virtual class on security and the challenges of remote work. Document policies and procedures for the employee to review and acknowledge.
- It is also a good idea to ensure your employees know how to spot cyber threats, such as phishing emails, so give them some training on cybersecurity.
- Require employees to connect over VPN.
- Virtual private networks, or VPNs, are one of the most popular security tools for remote workers because they protect laptop data online while retaining the same security, functionality and appearance as if they were within the company network.
If you are considering a remote work force concept, please contact us and we will assist.