Newsflash: Password or no, that coffee shop Wi-Fi probably isn’t too secure. One of the problems with distributed workforces is that remote workers make prime targets for those wishing to exploit vulnerabilities. That’s a huge concern if your employees are dealing with sensitive data, proprietary information, and client contracts. Here are 5 things you want your employee to read as we continue on our remote work journey.
A firm policy here could avert disaster and abstinence. Organizations should prohibit remote workers from using public Wi-Fi and shared computers for work-related activities. Computers, laptops, and mobile devices that access corporate applications and networks should be password protected with stringent requirements. Also, home routers, computers, and software should all be updated to the latest versions and operating systems which tend to include security patches. This helps to prevent others from being able to tap into home-based wireless networks.
Employees should remain cautious of downloading random applications or software to avoid malware, viruses, or insecure protocols. If they’re unsure, they should check with IT support or their Security team. Also, remind remote workers to be careful when sharing confidential data. They should use company-issued apps for file sharing, storage of confidential documents, and communication. Let them know this is for their safety, too, that the company has protective measures around these apps and can monitor for suspicious behavior.
Email is a gateway for potential threats, and email encryption is a must for distributed workforces. So is a strict email policy outlining what constitutes suspicious messages and how employees should handle them? Mimecast is the most popular choice for Microsoft Exchange email management and protection. Additionally, employees should ask themselves: Do I recognize the sender and was I expecting this email? Is there a sense of urgency for my attention? Are there links and attachments in the email? They should be advised not to open any attachments until IT or Security can verify the email is legitimate.
This one is obvious but can’t be repeated enough. Strong, frequently updated passwords protect businesses. Always encourage employees to change default passwords to strong passwords (think long in characters, 12 or more) that are unique to each account. There are password generators online that will help you with this. If you are worried about losing track of all these passwords, check out LastPass for a quick fix to the problem.
If the company owns the device, the company should be ensuring that the device is adequately protected with up-to-date antivirus, device encryption, and firewalls. Cybersecurity policies should designate which devices (organization-owned v. employee-owned) can be used for which kinds of business activity. If your company hasn’t moved to multifactor authentication (MFA), now is a good time. Protecting identity and access across remote locations is made easier with this technology, which requires two or more identity-driven credentials to grant access to applications. To reduce the potential impact of unauthorized attacks, some solutions like email and banking software enable MFA capabilities as part of their services.
If you haven’t already, join our tribe at WorkisDead.com to access more exclusive content on remote working.
