Did you know that 45 percent of US employees have shared their work passwords with family members? And that 1 in 10 workers has experienced a cyber attack since working remotely? These statistics are clear evidence of a wider problem: there’s not enough emphasis on remote working security. And this matters because it’s your company’s sensitive data that’s on the line.
The good news? It’s absolutely possible to secure your company’s remote working landscape. Here’s how.
Remote working challenges
Before you write a remote security policy, you need to understand what you’re trying to achieve. This means appreciating the security challenges you’ll face when working remotely. The key challenges include:
- Using unsecured networks to access company data
- Downloading company data onto personal devices
- Leaving computers unattended with sensitive information visible
- Allowing other people to use devices with private work data on it
So, what can you do? Two things.
- Train your staff.
- Draft a remote working security policy.
Helping staff who work remotely
If you allow remote working, it’s your responsibility to help your team work safely. Working remotely means:
- Teaching staff how to spot security scams like phishing emails and ransomware
- Encouraging team members to ask questions and contact you with security concerns
- Fostering a “cyber safe” environment
- Enforcing good data practices and producing clear guidelines for everyone to follow
Don’t worry if you’re unsure how to train your employees. Simply contact a managed services provider who will give you all the information you need on cybersecurity for your company.
Your remote working security policy
Yes, staff education is vital. But if you’re working remotely, the most important thing you need to produce is a remote working policy. Here’s a breakdown of what to include.
Steps for securing devices
Inform your colleagues how to protect their devices. Options include:
- Only using private networks to access data
- Using strong passcodes and changing them frequently
- Setting up a VPN
- Installing security software and keeping it updated
Be clear about what equipment your team can use to access company data. This may include personal devices, or it could be restricted to company-supplied equipment.
Guidance on physical work environment
Set out guidance on what constitutes a safe working environment. This could mean a private room or at least a space away from the rest of the family.
Promote good data protection practices, which include:
- Multi-factor authentication
- Password confidentiality
Set out clear procedures on how staff should backup data and where they can safely save it to. This could be a secure cloud.
Staff should retain copies of all correspondence, including emails.
Remote system management
Where possible, ensure automatic system security updates are authorized.
Erasure and deletion
Set out acceptable ways for employees to dispose of sensitive data. This might include:
- Physical shredders
- Secure containers
- Data wiping software
Ensure your staff knows who to contact if they have trouble working remotely. This could be a single point of contact or an IT department.
Remote working poses significant cybersecurity challenges for any business. But with the right security policy, you can protect business data and company devices from outsider threats. So, if you’re working remotely and need help setting up your own security policy, contact KME systems today.