As a business owner or an IT professional navigating through this global pandemic, you’ve had to make big decisions about your company, including having many of your employees work from home, either full-time or on a hybrid schedule, for the foreseeable future. While some work streams translate easily enough to WFH—thanks to cloud-based solutions—digital network security does not.
To ensure your employees’ remote locations are as digitally secure as your regular offices, here are seven best practices your company can follow to reduce your exposure.
1. Prioritize Using Company-Issued Laptops
Employees working from home may be tempted to use their personal laptops, and you may be tempted to let them to avoid the cost of new devices – but you should resist that temptation. One key benefit to having employees use work-authorized laptop is your company can manage security updates and patches, pushing those electronically to devices as needed. This allows everyone on your team to receive the same security measures, no matter where they are (note: the user will still need to accept/approve the updates).
2. Make Sure Workers Using Personal Devices Don’t Use the VPN
We know not everyone has a work-issued laptop. If you have workers using their personal devices tell them not to connect their personal device to use the company Virtual Private Network (VPN). Instead, instruct these employees to access work platforms via a virtual desktop infrastructure to access internal company resources. There’s no way to know what is on an employee’s personal computer. It can have malware on it, and if they connect to your work network, they can potentially smoke out an entire company network in a matter of minutes.
3. Ask Employees to Check Home Wi-Fi Networks
When your employees are using your company Wi-Fi network, you’re able to monitor who logs onto it—and you can block any unauthorized users. Now, it’s your employee’s responsibility to know who is using their personal Wi-Fi systems. Have them log in to their Wi-Fi routers and check who is signed into them. If there are devices they don’t recognize, they can block them from using their Wi-Fi—and potentially hacking into your network.
4. Protect Your Sensitive Work Documents
One of the most effective ways to protect sensitive documents is to grant/restrict access to who can view or edit each document. While this may seem like a simple, basic concept, many people do not know to do this or know, but still aren’t doing it. By implementing permissions, only those who are supposed to view a document can see it even if the document gets forwarded via email.
5. Back Up Your Documents
Funny things can happen when your employees work from home, like their children spilling something on their computer, frying the hardware before a critical document is saved. Whenever possible, have your employees work on your company cloud platforms. These platforms not only automatically save documents, but they also allow for multiple users so if something were to happen to one employee’s computer, all of their documents would still be saved, backed, up and accessible via the cloud.
6. Verify Emails from External Sources
“It’s not very difficult to impersonate an email,” says Krishna Marella, Xerox’s Chief Information Security Officer at Xerox who has spent 20 years in the cyber security industry. To prevent successful phishing attacks on your network, he suggest to employees that they hover over the sender email and hyperlinks so they can view the full address and verify it.
7. Make Sure Your Employees Don’t Overlook Basic Precautions
When our days feel extra busy or we’re distracted, it can be easy to overlook the fundamentals of good digital practices. To stay sharp, send out a regular reminder to your teams to sign out of all work-related programs after each use, don’t repeat passwords, and change their Wi-Fi passwords every other month.
These simple steps may feel of limited necessity in a world where most important work activity takes place on your protected network. However, when members of your staff are working remotely and all activity is distributed, your entire network is only as secure as the weakest link. It’s up to you as a manager or a business owner to rally staff to see how these best practices add up to a secure network—and how everyone on the team ultimately relies on that to get the job done.