Remote Workforce Security Tips
Who would have suspected in February that, as early as March 18th we would all be working from home full-time, cyber-teaching our kids, and on government lock-down? We are indeed working in unprecedented times. Like it or not, it has indeed changed the way we see the world, both personally and professionally.
Remote Workforce Impact on Companies
While this time has been especially hard on each one of us as workers, it is equally as hard for companies. Imagine not only having the responsibility of making enough profit to keep all workers on the payroll but also blindly trusting each worker to protect your company data in a different environment.
Unfortunately, one honest mistake could cost the company a fortune. Therefore, the remote worker’s ignorance or unwillingness to adhere to cyber-security policies could negatively impact a company’s ability to stay afloat. Clearly, these are trying times for all of us. As a result, it is up to each one of us to do our part to keep our companies profitable.
Ways You Can Help Protect Your Company Data
There are several ways you can protect your companies data when working remotely. This includes a combination of safe practices and good communication with your IT team. After all, your IT team is always available to help you make the right decisions. Below is a list of ways you can do your part to help protect the company’s data.
1. Use Your Company’s VPN When Working From Home
Interestingly, when you are at your office you are on a private network. As a result, you can send and receive data without it going over the public Internet. Likewise, remote users typically have access to a Virtual Private Network (VPN) that allows you to do the same remotely. Obviously, this VPN is a major security vulnerability if you do not use a properly configured firewall.
So, how do you know if you are on your company’s VPN. It’s simple. You will know if you are using the VPN because you will access it under your Window’s Settings. However, there may be several reasons your company does not have a VPN. Examples include Software as a Service Applications, Office 365, and other secure data sharing. Therefore, you should ask your IT department about VPN access if you do not see it as an option in your Windows Settings. They will let you know if you need it or not. If you do, make sure you always log on when performing work tasks.
2. Reach Out to Your IT Team Before Loading Software
Always remember that your computer is company property and it is is not yours to do with as you please. Clearly, your IT team exists to both protect your company’s data and keep you productive. Therefore, you should include them on any and all software download decisions.
Often times, free software is offered to exploit the end-user device. When this happens, hackers access end-users’ computers as an entry point to all company data. Therefore, if you download an infectious software, you are giving access to hackers.
3. Save All Work on Corporate Drives
If you’re like most people, you have lost an important file at some point in your life. Undoubtedly, even thinking about it will likely make your heart sink as you remember having to recreate it from scratch. Now imagine losing all the files on your computer. That’s the risk you take when you do not back up your files to the corporate drive.
Unfortunately, there are many things that can go wrong when an employee takes their computer home. After all, you just don’t have the same protections. For most companies, this includes everything from firewall protection to desktop backups, surge protectors, or even theft. For this reason, it is vitally important that you store all your documents on the company drive and not your local hard drive.
At the corporate level, all your data is being backed up in case of a natural disaster, hackers, hard-drive failure, or theft. In fact, this is done on a nightly basis. Yet, when you are not connected, everything is being stored on your local drive. That’s why it is extremely important that all remote workers copy new files on the company drive every night before they quit work for the day.
4. Think Before You Click
It may be hard to believe, but nearly 95% of attacks on business networks are the result of successful phishing emails. Even worse, the average cost to a mid-size company is $1.6 million. This could come in the form of a text like smishing. It could be a targeted attack, that appears to come from a trusted source, like spear phishing. Yet, they can even come from a trusted friend or acquaintance. The best thing you can do is to get educated on what a phishing email looks like and how to spot them.
Unfortunately, once a hacker is let into the system, they remain undetected for nearly 9 months on average. Imagine the damage that a hacker can do in 9 months with unlimited access to all corporate data. Yikes! Therefore, it is vitally important you get educated on what to look for and what to avoid. Not just as a remote worker, but for all times.
5. Do Not Share Your Devices at Home
Sometimes it may seem harmless to share your work computer with your children or your spouse. However, when you do this, you are risking the companies data. Incidentally, no one ever purposely downloaded a virus. Rather, they unknowingly visit questionable sites, click on phishing emails, and download infected games. In the end, the company pays the price and you are the one who gets blamed. Therefore, when you work from home, make sure your family uses their own devices, not your companies assets.
6. Lock Devices When Unattended
It may surprise you to know that even in your own home, your work computer might not be safe. In fact, anyone who has been in technology long enough can tell countless stories of company devices being improperly used at remote user’s homes. For instance, one person’s roommate sent out a company-wide email claiming that person was having an affair with the Vice President. On another occasion, a teenage son accessed his father’s computer, who was a doctor, to prescribe narcotics. However, the cutest remote working story was when a toddler fell on a keyboard and accidentally sent the father’s venting message to the CEO. Consequently, it was a message the father hadn’t actually intended to send.
Those are just a few examples of things gone wrong when a computer is left unattended. Therefore, the best practice is to lock your computer when you leave it unattended. Another great idea is to set automatic time-outs in the Window’s Settings.
When in Doubt Ask Your IT Department!
Your IT team is here to help. Whenever you have a question, issue, or problem with your teleworker’s technology, it is best to reach out to them right away. Most importantly, do not wait until things are out of hand before you contact them. They want to know what is going on so that they can guide you in the right direction.
INSI is Here to Protect You!
This post is part of the INSI Awareness Campaign that is designed to keep our clients protected and informed. In addition, you can click here to learn more about our security offerings.
Most importantly, if you are an INSI client and are concerned about remote workforce technology, please do not hesitate to contact our helpdesk at 770-387-2424. Our engineers are more than happy to guide you on safe technology practices. After all, we are here to serve you!