Twenty years ago, who could have envisioned such things as remote working or virtual offices? But with today’s sophisticated technology, more and more staff are able to work from home. That means no more long commutes, better work-life balance, and employers get to save on overhead and leasing costs by having smaller office spaces. But there are also downsides. Remote working adds a new layer of complexity to your IT environment and poses new risks to the safety and security of your business. So, how do you protect your business and keep your employees safe and productive, no matter where they work?
Whether you’re a business owner who’s had to embrace telecommuting because of COVID-19 or an employer who just likes to offer flexible work options, there are things you need to put in place to ensure that your company data, and your customer data, doesn’t fall into the wrong hands. Here are 4 ‘must-haves’ for any business owner…
#1: SECURE VPN TECHNOLOGY
Many employees admit to using public Wi-Fi to send and receive work files and 21 percent admit to leaving a work device unattended in public while working remotely. It’s all too tempting to answer that work or customer email while in line at the coffee shop or on your personal smartphone at the kitchen table. But that also means that others could be using that shared network to spy on your activities or to gain access to your company’s IT systems.
As the name suggests, a virtual private network, or VPN, allows your team to access a private, secure network, even if they use their own household or public Wi-Fi. A VPN can mask a users’ location and IP address, and encrypts data as it moves back and forth across the internet. It doesn’t mean your activities cannot be monitored while using a VPN. Website cookies can still track your online “movements”. But a VPN offers another layer of protection that can stop others from accessing your sensitive company data.
#2: MULTI-FACTOR AUTHENTICATION
Another risk that is often posed by remote working is unauthorized logins to company systems. When employees work in an office, you control the environment and the level of security. But when your employees work from home, there are all sorts of risks. They could share a household with many people, have an open home office, or could work in a public space where anything could happen. Someone could easily gain access to your IT systems, and you would be surprised how easy it is to guess a simple password login.
Multi-factor authentication can protect your business by requiring users to provide two or more pieces of evidence to access devices and/or systems. This is usually something only the user knows, such as a key code or PIN, or something only an authorized user would have in their possession, such as a badge or smartphone. You can even go a step further and use things like fingerprint or voice recognition. By implementing this extra step, you can reduce the risk of unauthorized access.
#3: ACCESS CONTROL
It’s also important to control the level of access for each remote worker. Not everyone needs to access every IT system. Good access control means you know who should access your company data (authorization), and you have the means to ensure the right person is granted access (authentication). In other words, you have gatekeepers, like multi-factor authentication, in place that ensure that the right person accesses the right systems.
Every business needs some form of access control, especially if employees work from home and require access to company resources and networks. By limiting access to only the systems and data a worker needs to do their job, you lessen the risk of info leaks and security breaches.
#4: SECURITY TRAINING
All the above tools can keep your business safe. However, they don’t account for human error or negligence, so a vital piece of the puzzle must involve security training for all your remote staff.
You would be surprised how little people understand about technology and how it actually works. Security training can help employees to comprehend the IT risks involved in working from home. And by outlining and documenting your security policy and best practices, you can give remote staff the education they need to keep themselves and the company safe.
Distribute a clearly written security policy to all remote workers. Outline how to spot threats, how to report a problem, and steps employees can take to reduce security risks. Remember, not everyone speaks “IT”, so make sure it is easy to follow and make sure your team understands their responsibilities.
Make Sure These Must-Haves Aren’t Missed
To recap, every organization should have at least these four factors in place to protect their business and their work from home staff:
- Secure VPN technology
- Multi-factor authentication
- Access control
- Security training
With these four basic measures, you can ensure that your telecommuting team has the knowledge and the tools to keep your company data safe and secure. That means you can rest easy, knowing that you have some control over your remote workers’ IT environment and that your sensitive company data remains in the hands of authorized users and authorized users alone.
If you still find that these measures aren’t enough to put your mind at ease, you may want to consider hiring someone to manage and monitor your IT infrastructure for you. That way, you can be alerted quickly if any threats present themselves and you have a resource that remote workers can access in case of IT problems or suspected security breaches.
Need some help managing your IT? Contact us to find out about our Managed IT Services.