Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. If an employee-owned device (laptop, PC, etc.) is connected to your company’s network and contains a virus or malware, they could be spread to your company’s network. As well, it becomes more of a challenge to verify the legitimacy of emails (you’re no longer across the hall from your boss who has requested an unusual money transfer), you may be unsure of policies and procedures as they pertain to a work from home environment, the list goes on and on. To be completely secure, you need to make sure you have the right guidelines in place.
We are providing you with a list of guidelines and tips to help you and your team as you prepare to work from home in a safe working environment. This list is for guidance and information purposes only, if you have any questions regarding these guidelines and tips, please reach out to us for additional information.
Guidelines & Tips
- Secure your workspace
- Make sure you have the ability to lock all of your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when needed. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business, laptops, phones, etc.
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a Virtual Private Network (VPN) to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Use multi-factor or two-factor authorization when possible. The adds an extra layer of security to your network
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone other than yourself use company owned devices or personal devices used for business purposes
- Use strong unique and complex passwords on all your devices and accounts to prevent unauthorized access. We recommend using a password management tool like 1Password.
- Have Wireless Security in place
- Change default WiFi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your router firmware is up to date. You can do this on the router itself or online where you purchased your subscription
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public WiFi. Never use public WiFi to send sensitive information without a VPN
- Ensure all personal devices are secure with anti malware
- Updated IOT Device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
- Ensure the software on all devices within your home network is kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
- Review and follow corporate Bring Your Own Device (BYOD) and other important policies and procedures
- Enforce Remote Work Employee Awareness
- Be extremely cautious of email phishing scams. The Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) have both released warnings about malicious actors sending out phishing emails contained with malware claiming to be from them
- Don’t reveal your business itineraries, corporate info, daily routines, etc.
Make sure you are doing everything you can to protect your business during these uncertain times. Staying aware and taking the necessary precautions is vital for every organization.