14 Ways to Ensure Your Work From Home Employees Are Secure
Security can be tricky in the controlled environment of the office. Now, many employees are working from home, making the problem even more difficult. The is especially true considering many employees are working from home as the result of a government ordered quarantine rather than a well-planned transition to a work-from-home environment. If you don’t have a plan in place to ensure the security your staff’s devices even when they are not in the office, you could be leaving your company open to a serious security breach. In this post, we’ll give you 14 tips to help make your work-from-home environment more secure.
1. Encourage frequent software updates
In the office, you have a trusted employee to handle your IT needs. Someone to ensure that all the latest software updates have been installed, and with them all the latest security patches and vulnerability fixes. These patches become public knowledge by the time they are patched, which means any number of malicious actors could take advantage of them. Home users are notoriously bad at updating their software, so you should be sure that your employees understand the importance of remaining proactive in keeping their software up to date so an avoidable exploit doesn’t negatively affect your company.
2. Encourage security software
Updating the operating system and software used for work isn’t enough. Your employees should have an understanding of the types of security software that exist and be encouraged to install it on their devices. Ideally, you will provide this software them to make the process and painless as possible for them. Security software includes anti-virus and malware protection software, firewalls, and encryption tools. If you have an IT department, making them available to set up the software on the employee’s computer will go a long way to aid in adoption of the tools by staff.
3. Provide VPN services
We’ve talked about providing security software to your employees already, but there is one form of software and accompanying service that deserves a mention of its own. Virtual private networks provide an extra layer of anonymity and security to users that make it well worth the expense and effort for you to provide VPN services to each of your employees that will be working from home. Encourage them to use the VPN whenever they are online, and especially when they are working with sensitive business data.
4. Warn employees about thumb drives
USB storage such as thumb drives are one of the biggest ways that malware and other malicious software finds its way onto a user’s computer. Many casual computer users do not understand the danger of popping in random USB drives that they receive in the mail or that are handed to them on the street with a false story about what is contained on the device. You do not want your employees to become one of the unsuspecting victims, so be sure to educate them why they should avoid thumb drives unless they are absolutely certain they can trust its contents.
5. Require security training
Thumb drives are only one of the dangers that await computer users today. Phishing emails and other security scams continue to be a problem because many people continue to fall for them year in and year out. Since your employees will now be left on their own with valuable work files, you want to require them to attend a class on basic security in the internet age. This doesn’t have to be some great expensive program, you can have your IT staff put together a crash course in modern digital security for the rest of the staff to follow. The next few tips will included the type of suggestions that may be included in such a course, but are not a substitute for a full security briefing.
6. Don’t leave devices in the car
While we tend to think of digital security as purely an online danger, hackers and scammers aren’t the only threat to computer systems. The old-fashioned approach of stealing devices and accessing sensitive information that way remains a serious threat. While it’s unlikely that your employees and their devices will be specifically targeted for such an attack, computers and other digital devices are still highly valuable equipment that makes a prime target for theft. If a that occurs, you’ll have no idea who will gain access to any work files stored on that device.
7. Avoid public Wi-Fi
Another major security threat is public Wi-Fi. These are inherently insecure systems that leave a user’s computer vulnerable to anyone who is sharing that public access point with them. Your employees should be aware of the dangers of public Wi-Fi and avoid using it with any computer that has work documents on it. If the user only has access to the internet via public Wi-Fi spots, then they should be running a VPN at all times they are connected to one.
8. Separate work computer if necessary
In many cases, it may make sense for your employees to keep a separate computer that they work from. Separating work computers from personal computers allows your IT staff to take greater ownership over the devices that employees will be using to do their work, just as they would if the employee was working from the office. It allows users to fall back on their lax security habits when they are doing personal work and protects your work files from the bad habits of anyone else who may share a personal computer with an employee.
9. Audit employee passwords
You shouldn’t ask your employees what their passwords are to ensure safety, that would be creating the type of bad habits that threaten security. Your employees shouldn’t be giving their passwords to anyone for any reason. What you should be doing is creating a regular schedule where you require your employees to reset their passwords. During the announcement for this time, be sure to remind them the importance of long, hard to guess passwords. Remind them that if they want to use easy passwords, to save those for their personal information. Anything work related should be protected by strong passwords that are changed frequently.
10. Reset router passwords
Speaking of passwords, few people ever bother changing the default passwords on their wireless routers. This means that anyone who is near the router can access it and create a security headache. Make sure that your employees are away of this common threat and ask them to go in and create a new password for their router that can’t be found online in the user manual for their router model.
11. Utilize secure cloud services
Cloud services, such as Office 365 are already a great way for your team to share important work documents even when they are all working miles away from one another. But there is also a big security benefit to moving all of your work related documents into such cloud services. Moving files from locally stored to only accessible via a secure cloud service with an equally secure password means that theft of an employee’s computer doesn’t leave your sensitive work files vulnerable to prying eyes.
12. Require online backups
Data loss is a huge problem. For files than cannot be created and managed in a secure cloud service, your employees should be required to use an online backup service that will ensure that important work files aren’t lost should something happen to the user’s computer that makes accessing the local copies of the files impossible. Ideally, everyone will use the same service, which should be thoroughly vetted to make that it is reputable and secure.
13. Maintain contingency plans
Working at home, especially as the result of a pandemic that could get anyone sick at any time, increases the chance that someone won’t be available at the exact moment you need them. Key members of management or technical support could get sick and become unavailable to do their jobs. These important roles simply cannot go unfilled. You should prepare for these problems before they occur. Make sure that every role in your company has someone else who can share the responsibility and step up in the event that someone else cannot.
14. Stay in contact with employees to improve morale
This might not seem like a security tip, but security is more than just the technical aspects. Working at home can be stressful for anyone, and only more so when working at home is a surprise adaptation to an unforeseeable event. Your employees are likely to be mentally drained, stressed out, and therefore not as sharp or attentive as they otherwise may be. These are the types of situations where security slip-ups occur. Beyond that though, having regular videoconferencing meetings to provide human contact to work-at-home employees is just a nice thing to do for their well-being during these trying times.
Conclusion
As many struggle with what may be a new normal for quite a bit longer, business have new challenged to adapt to. This includes a whole range of management challenges that come from suddenly dealing with a work-from-home staff. Security is one of those struggles, but it needn’t be an unsurmountable challenge. With a proper plan in place, you can keep your employees safe from the pandemic and your technology safe from digital threats. If you need help keeping your assets secure, contact us today to find out about the services we can provide that will help.