Few Security Tips For The Work From Home (WFH) Enterprise
Few Security Tips For The Work From Home (WFH) Enterprise –
As organizations try to adapt to employee-friendly policies at the workplace, there has been an increase in employees choosing to work from home. Employees can work more freely when working from home. Research by Amerisleeps confirms this. A study conducted with 1001 remote workers showed that almost 80% of the target group described their stress levels as either “not stressed” or only “moderately stressed.”
Even employees find it more productive if they work remotely. A survey by Flexjobs found that 65% of respondents find working away from the office is more productive for them. The reasons were lesser disruptions, lower office gossip, and a quieter environment.
However, working from home is not without associated security risks. How can you track your employees and ascertain whether they are leaking any confidential information? Or are they unknowingly exposing their emails to hackers? In this article, we will discuss a few security tips when your employees are working from home.
Physical security –
Maintaining network security at the office is easy. How can you ensure that your WFH employees are ensuring failsafe security of information on their terminals? You must have a policy with the dos and don’ts for these employees. When they are not at their laptop, they must lock the screen. It applies to all devices they use to check their emails, even their smartphones or tablets. The laptop must be stored in a safe place and out of sight of everyone in your family.
Access only through passwords –
Very few of us thought about securing the laptops when working from home. The security apparatus for WFH employees should be similar to that of the office employees. There must be a mechanism to protect the terminals through a password. Global best practices must govern the passwords. The passwords must be changed every quarter with the employee receiving ahead of time alerts reminding him to change the password. In case there is no single sign-on mechanism in place for multiple logins, you may request the IT department for a password manager. It is more secure than writing the passwords on paper.
Need a VPN –
VPN can be used to bypass locational restrictions and location hoaxing. However, it can also be used to protect the network as it can encrypt the internet traffic and make it unreadable to any third party that gains access. A VPN also hides the user’s IP and masks the location too. In this way, it can make sure that even the ISP and government agencies cannot read the information exchange. VPN has a drawback, and it slows down the internet. In case you have to do video calls, you must opt for a VPN with high speed.
Surf only HTTPS sites –
You must implement a policy through which your WFH employees can access only HTTPS sites. These sites are known to be safe as they encrypt the communication between the web server and the browser of the visitor. If you are willing to make an online purchase, always ensure that you are doing it from an HTTPS site. You can also connect the remote desktop to a work computer over a secure SSL connection. If you wish to take advantage of SSL certificate like Comodo SSL certificate to secure websites so that visitors can trust such sites. If you are on HTTP then migrate to an HTTPS platform for securing your customers.
Update software periodically –
You must request the IT to update your software regularly. Most software has patch upgrades which help to plug any vulnerabilities that may be prevalent in the earlier versions. The security policy of the organization must cater to this requirement. Special care must be taken to update the software of WFH employees at regular intervals and allow the user can be notified of such updates well in advance. Some of the software also enable automatic updates. You must ensure that this feature is turned on.
Take periodic backups –
Wherever you work from, you must take regular backups of your work. When you are in office, the IT team may make efforts to taking backups on your behalf. However, if you are at a remote location, you must remember to take backups of your work. You can store the data onto a cloud location after taking proper approvals from the authorized personnel. You may also request your IT team to take backups remotely on your behalf.
Ringfence your work terminal –
You must use software to prevent any unauthorized access to your terminal. You must procure a renowned antivirus software. Most of them come with malware protection and have a built-in firewall too. You must also keep the antivirus updated periodically whenever such updates are available. Even if some malware gets in through the first line of defense, the antivirus can scan the laptop and find out and remove such malware. The better antivirus software can also help in scanning emails and detect hidden pitfalls.
Do not use flash drives –
Your employees must be discouraged from using flash drives. It can be a means of leaking information and must be stopped. All the ports of the laptop must be disabled to prevent usage of flash drives. Moreover, flash drives a great source of malware, and it would wreak havoc on the terminal.
Train employees on online security –
How do you expect your employees to be abreast with the latest security techniques? Through periodic training sessions. Create and impart targeted training sessions for your employees about protecting sensitive information and various security techniques. Always include the demerits of using public Wi-Fi and other similar security lapses.
The days and week of lockdown due to the coronavirus episode may mean a new way of life for most of you. Working from home has its own set of security issues. You must communicate through a secure VPN and utilize the benefits of SSL while connecting through a remote desktop. There is also a need to take a periodic backup of your work and upload it onto a cloud location. Use multi-factor authentication as much as you can. This article talks about a few security tips while working remotely. We hope that implementing these steps will help you in combating cyber criminals.