Keeping Remote Work Safe: Cybersecurity Policies, VPNs And More
Editor’s Note: This article was originally published in 2021, but has been updated to reflect new information.
While many people initially thought of remote work as a temporary alternative that became necessary due to the pandemic, it’s looking more and more like it’s here to stay.
In fact, an expert interviewed in this January 2023 Forbes article (Work From Home Or Anywhere: Top 30 Companies For Remote Jobs In 2023) notes, “Our surveys have found that 65% of people want to work remotely full time, and 63% would absolutely look for a new job if they couldn’t continue to work remotely.”
Whether fully remote or on some sort of hybrid schedule, one of the most important considerations for people working remotely and their employers is cybersecurity.
As president of Kelser, it’s my responsibility to make sure our employees know how to make the right decisions when it comes to cybersecurity.
In this article, I’ll walk you through some of the important steps you can take to help your employees secure your organization’s data.
6 Actions To Keep Remote Work Safe
Here are some actions you can take to address the security challenges of a remote workforce:
1. Establish And Maintain A Cybersecurity Policy
Statistics show a need for remote work cybersecurity policies.
If you don't know where to start on a remote-work cybersecurity policy, NIST offers a comprehensive list of resources in plain language.
I can’t emphasize enough the importance of implementing strong cybersecurity policies to act as a roadmap for your employees. Once you implement it, make sure everyone knows about it and has access to it. Then, make sure to keep it updated so that it reflects the latest information.
2. Monitor VPN Performance
While virtual private networks (VPNs) are now commonplace, shaky performance or lack of secure connectivity for employees can drive bad behavior. For instance, if the VPN disconnects frequently or has slow performance, employees will naturally look for a workaround.
Related article: What Is A Virtual Private Network (VPN)? Does My Business Need One?
No business owner wants an employee saving company files to their personal laptop because it's faster and easier. It’s just too risky from a cybersecurity perspective.
I speak from experience. One of our customers had an employee who downloaded a large amount of sensitive data to their laptop because using the VPN was cumbersome. The laptop was stolen from the employee’s vehicle, causing a significant data breach.
3. Consider Mobile Device Management
If your company issues mobile devices to employees, mobile device management provides a way to remotely wipe and lock devices that are stolen or lost.
This one tool can save the day and keep your data safe when the unexpected happens. It definitely would have come in handy in the example I just mentioned.
4. Provide Employee Security Awareness Training
There are numerous ways to provide employee security awareness training and there are some very good remote options out there.
The key with employee security awareness training is to make sure it is effective and that it is ongoing. It’s important to educate employees about the latest threats and keep security top of mind.
Here’s an honest cost-benefit analysis that spells out what you need to know about security awareness training.
Related article: What Is Employee Security Awareness Training? Do I Need It?
5. Implement Multi-Factor Authentication (MFA)
MFA is a security tool that protects your organization’s data by requiring users to provide multiple pieces of identification before granting access to an application, website, or other IT service.
Whenever a user starts the login process, MFA requires at least one additional piece of information to verify identity before allowing access.
Options for that additional piece of identification can include text messages, phone calls, or push notifications asking a user to verify via another device that they are seeking access.
MFA could also require a physical means of identification such as a token or biometric. And, it’s not as complicated as you might think.
Related article: The Truth About 3 Multi-Factor Authentication Concerns
6. Provide Password Managers
As employees work remotely, there are additional opportunities for their devices to be hacked especially in public places.
Password managers offer an easy (and cost-effective) way for users to keep track of the multitude of passwords they use daily (which some estimates put at up to 100 passwords!) and keep them from writing them down.
A password manager is software that securely saves your passwords for various websites and applications. It can save username and password combinations as well. With one secure password, users can gain access to passwords they have stored for a variety of applications and websites.
Related article: 3 Advantages and Disadvantages of Password Managers
Where Do You Go From Here?
After reading this article, you know six actions you can take to keep your organization’s data safe and support your employees in working remotely.
You understand the importance of establishing and updating policies and monitoring VPN performance.
You also know some tools that can keep remote work safe including: mobile device management, security awareness training, MFA, and password managers.
Whether you rely on an internal staff or an external IT support provider, you now know some of the steps you can take to keep remote work safe.
Kelser helps customers implement solutions like these every day through our managed IT support offerings, but we also know that managed IT isn’t the right solution for every organization.
That’s why we post articles like this one that don’t try to sell you our services, but rather provide the information you need to make the best IT decision for you.
If you are considering external IT support to handle some or all of your technology needs, we encourage you to explore several options. It’s important to find the right fit in an IT partner.
Your business runs on technology and you want to be sure your provider takes the time to get to know your business and your priorities, so they can recommend the best technology solutions for you.
Curious about managed IT? This article explains what’s included and what it costs.
Or, read this article if you are wondering whether your business is too small for managed IT support.
Does your organization have everything it needs to keep your data safe? If you can't definitively answer yes to this question, download our free cybersecurity checklist to find out how you can strengthen your cybersecurity efforts.