Over the last ten years, the number of employees working remotely has increased by a fifth – that’s nearly a quarter of a million additional people putting in the hours from the comfort of their own home.
With technology evolving, employees no longer need to be sat behind an office desk in order to work productively. In fact, research has shown that remote and mobile working is a good thing, with 82 per cent of those working from home feeling less stressed, and 80 per cent experiencing higher levels of morale.
If you’re thinking of introducing remote working for employees, then you’ll need to consider security of your systems. Potential for cyber criminals to access company data is always apparent, so it’s important that current protocol isn’t relaxed. Whilst you probably have security procedures in place at the workplace, it’s crucial that these are reflected out of the office too. Here are top tips to boost security when working remotely.
Lock up laptops
Whilst it may be obvious, it’s important to make employees aware that if they’re working in a public place – whether it’s a shared office space, café or even on public transport – their devices should be in their line of sight at all times.
When employees are at home and not working, they should stow away their devices so that no one can see them – much like they would with any other valuable items they have in their home.
Stolen devices present a great opportunity for cyber criminals trying to access your company’s systems – don’t make it easy for them.
Set difficult passwords
Educating employees on good password hygiene will help make it harder for cyber criminals to access company systems should laptops or phones be stolen.
Whilst in the past we’ve been advised to choose long passwords with a mixture of upper and lower-case letters, numbers and characters, these are now becoming easier to predict by computer hackers. Instead, picking an obscure password with a combination of random words will make it more difficult for hackers to crack.
Two-step authentication and not auto-saving passwords will also strengthen security. It’s also worth installing software such as Find My iPhone, AirWatch or Jamf Pro on your employees’ devices so that should they go missing, you have a better chance of securing them.
Limit use of public wifi
Public wifi is vulnerable to malicious attack, so employees shouldn’t be using it for company work. Even though they may login to the VPN, those few seconds that it takes to connect will still be an opportunity for cyber criminals.
Ultimately, it’s down to you to set some guidelines. You may say to employees that they can use public wifi for non-critical business work or alternatively, you may decide that no work can be done using public wifi at all.
Avoid using public computers
This leads nicely on to the next point. Employees will more than likely have a work laptop or device, although they may use their personal one instead.
There may however, be a time when they don’t have their devices on them, and need to do some work – e.g. at an airport business lounge, where there are computers available.
This is another thing that you’ll need to set guidelines for, which will be in-line with your rules on public wifi. Are employees allowed to conduct non-sensitive or critical work on public computers, or should they avoid using them? It’s your choice.
If you do decide employees can use public computers, then reiterate the basics like not storing passwords, and keeping screens hidden if possible.
Hide passwords and PINs
No one types their PIN on full display when withdrawing cash from an ATM, do they? So why would anyone make it obvious when typing in the pin on their phone, or the password on their laptop?
Employees working remotely will need to treat their devices with the same discretion as they would when withdrawing cash. Subtly covering the screen of their phone or laptop reduces the risk of other people seeing passwords and potentially logging in later.
Emails are often the first port of call for cyber criminals: with most of us receiving spam and phishing emails on a daily basis.
Applicable for workers both in and out of the office, emails should be encrypted. This ensures that all content on emails is disguised, protecting potentially sensitive information, so that only the intended recipient(s) can see it.
If you haven’t already, you should install Mimecast on your company’s emails. It’s a software that helps to keep attackers out, keeping your sensitive information safe.
Check USB sticks
USB sticks can be a source of malware, and for that reason, should always be checked by your IT department before employees use them.
Even freebie USB sticks given out at conferences may be infected without the organisers knowing. Ensure employees know that they can’t use a USB stick in their company’s devices unless it has been confirmed OK to use by IT beforehand.
Ensure all security protection is up-to-date
Employees will likely have security software installed on their laptops, but simply having it on there isn’t enough. If it’s not up-to-date then it’s of no use at all, so ensure that employees run any updates that they’re asked to do.
Employees working remotely should have antivirus, device encryption, firewalls and web filtering all installed on their laptops to ensure they’re as secure as possible – just like all office computers.
Make use of network monitoring software
If your organisation can use software to monitor the security and network that employees are working remotely on, then it will help you to identify any potential threats.
It means that email and web servers can constantly be monitored, and will notify a network administrator if anything goes down.
By monitoring any problems caused by overloaded or crashed servers, or network connections, it’s just another way to ensure that systems are secure for remote workers.
Pets, children… although accidental, you never know what they may get up to! For remote workers, an inquisitive child, or a cat that likes to sprawl across the keyboard may lead to a couple of taps of the keys… resulting in who knows what.
Ask employees to take precaution and keep devices out of reach when working remotely – they should be the only ones who have access to work devices.
With so many benefits to remote and mobile working, if you do decide to introduce it to your workplace, keeping security to a maximum will help to continue to keep cyber criminals out.
Philip Woods is a director at KRCS Group Ltd and an accredited Apple technician.