Staying secure whilst working from home
Whether your teams are working from home permanently, temporarily or trying a hybrid mix, it’s essential to make sure that your workers are safe, and your data is secure.
Here’s seven tips for improving the resilience of multi-site operations that all remote workers can implement at home.
#1: Stay up to date
Ensure that all of the software your people are using when working from home is up-to-date. Make sure your people use the latest version of their browser software and that antivirus software is up-to-date and actively blocking threats. Make sure updates happen automatically on company computers and insist that people do the same for personal devices. Show them how to do it if necessary.
#2: Secure data in motion with a VPN
Employees working from home should be provided with a VPN or Virtual Private Network, which encrypts Internet traffic and makes the flow of data more secure. Install VPNs on all company devices used offsite. Provide them for use on employees’ personal devices and provide clear instructions on how to put this extra protection in place.
#3: Use remote desktops, but don’t turn off the office computer
Remote desktop software, which allows your people to take control of their office computer remotely, is well worth considering but should only be used in conjunction with a secure VPN. It will enable them to access the full processing power and data capacity of their work environment from home, while company data stays safely in the office. If your computer is part of a corporate domain ask your IT administrator to implement a temporary Group Policy that prevents remote users from shutting their work computers down as otherwise they’d have to go and start it up again in person.
#4: Use strong passwords and two-factor authentication
Ensure you are promoting proper password management and insist on strong passwords as standard. Employees should be using complex passwords that are unique to each application. Do not use the same one across multiple services.
Use two-factor authentication – which requires a second piece of evidence to gain unlock access – wherever possible, but especially on cloud-based applications that can be accessed from anywhere such as Office 365. For Office 365, two-factor authentication will include a password and a text or call from Microsoft to verify that it’s you.
#5: Stay smart for phishing scams
Phishing scams are the most significant threat for many businesses today, and we can expect to see more that explicitly target employees working from home. Understanding the risks is the best way to fight them. Instruct employees to contact your IT department or representative if in any doubt about the validity of an email. If you do fall, victim, raise the alarm immediately to minimise potential damage.
For more information download and share our simple guide to protect your team against Phishing
#6: Update your routers and the password
Encourage your employees to secure their home broadband routers. As well as ensuring that the firmware is up-to-date, insist that they change the default WiFi password within the router settings to something longer and more secure. This will disconnect old devices (which is a reasonable security precaution in any case) and ensure new devices are accessing the network more securely.
#7: Don’t allow device sharing
Don’t allow your employees to share access to their work devices with family members. All of the excellent work you’ll have done educating your people about the risks to cybersecurity can be undone in an instant if one of the children accidentally downloads key-logging software or some other form of malware.
Free guide to remote & hybrid working
Keep staff engaged, happy and healthy with advice from flexible & remote working specialists and insight into how leaders at the UK’s best small workplaces have managed new ways of working as a team.