How to Keep Remote Work Safe: Cybersecurity Policies, VPNs and more
Remote work has been a hot topic for about a year and a half now. While many initially thought of it as a temporary alternative that became necessary due to the pandemic, it’s looking more and more like it’s here to stay.
Whether fully remote or on some sort of hybrid schedule, cybersecurity is of the utmost importance for employees working from their home office. I was recently quoted in this TechRepublic article on the topic.
As president of Kelser, it’s my responsibility to make sure our employees are making the right decisions when it comes to cybersecurity. But, it’s also my responsibility to make sure our clients do the right things.
Here are some things to consider when addressing the security challenges of a remote workforce:
1. Establish and Maintain a Cybersecurity Policy
Statistics show a need for remote work cybersecurity policies. Four out of five C-suite executives and three out of five small business owners consider the risk of a data breach to be higher when working remotely.
Despite that, 26 percent of IT professionals say there is no policy in place for data protection while working remotely.
If you don't know where to start on a remote-work cybersecurity policy, NIST put out a comprehensive guide in plain language. They really lay it out. Follow this document and you’re going to have a very robust, secure remote workforce.
2. Monitor VPN Performance
While VPNs are nearing ubiquity, shaky performance or lack of secure connectivity for employees can drive bad behavior. For instance, if the VPN disconnects frequently or has slow performance, employees will naturally look for a workaround.
No business owner wants an employee saving company files to their personal laptop because it's faster and easier. It’s just too risky from a cybersecurity perspective.
We worked with a company that had an employee download a large amount of sensitive data to their laptop for this very reason. It was stolen from their vehicle, causing a significant data breach.
3. Consider Mobile Device Management
Every company needs a written remote work policy that employees must sign. And it has to have teeth. There need to be consequences.
You can also stipulate different standards for “bring your own device” arrangements and for employees using company-provided devices. For instance, BYOD employees should have limited access.
If the company issues mobile devices, you may want to consider mobile device management (MDM) so you can remotely wipe and lock lost or stolen devices.
4. Keep Tabs on Connectivity Issues
Connectivity can be an issue for remote workers depending on the varying quality of personal home internet service. Some companies who have employees with slower speeds are providing a high-speed internet connection for them.
I've even seen companies provide a distinct internet connection with solely company-owned devices connected for security reasons.
5. Replicate the office environment as much as possible
Don't forget to consider the home work environment. At the office, you would never think to have an employee working on a wooden chair with a table that’s eight inches higher than it ought to be.
Replicate the office working environment as much as possible. For example, if an employee has two monitors at the office, whether for comfort or productivity or both, it makes sense to have the same at home.
How Much Do You Know About Cybersecurity?
At Kelser, we know the importance of having a multi-pronged, effective cybersecurity strategy. Whether you are a novice or an experienced IT professional, we can help enhance your security posture. Find out how much you know: