Tips for ensuring your employees can securely work from home
As millions of workers log into work from home to avoid the spread of COVID-19, organisations need to make working from home seamless and secure. Here are Smarttech247’s top tips for working from home securely.
- Encrypt devices. When assigning laptops or other mobile devices to remote workers, encrypt hard drives to protect any data stored directly on the machine. However, not all security programs work with encrypted devices, so be sure to double check tech specs before doing so.
- MDM. Consider a mobile device management platform like MaaS360 that allows the organisation to centrally manage devices, enforce policies, and if needed, remote wipe them.
- Switch to cloud-based storage. Look into cloud services that offer high levels of encryption so that data is not only easily accessible for remote workers on the move, but also better protected from threats like ransomware.
- Create secure connections to the company network. Remote employees should be connecting to the network through VPN so that their Internet traffic is encrypted. However, to protect the network at large, IT staff should only allow remote users to connect to VPN if their system is properly configured and patched, and their security products are updated and active.
- Roll out automatic updates. Take updating hardware and software out of remote workers’ hands by putting their devices on a standard image and activating automatic updates, especially for their security programs.
- Use an encrypted email program. Since checking company email offsite is a common practice, even among in-house employees, using a secure email program that encrypts messages is key.
- Implement good password hygiene. Safeguard against lost or stolen devices by requiring that remote workers use strong passwords that are long and memorable enough that they needn’t be written down. Request that employees also password-protect their phones, since they are the easiest to lose, be stolen, or hacked.
- Increase user awareness. Distribute a cybersecurity policy that spells out how to identify phishing emails, tech support scams, and other social engineering tactics that threat actors use to bypass otherwise strong security measures. Consider reeducating users via online platforms such as Security Innovation
- Deploy an endpoint security program. If not already implemented, look into endpoint protection platforms that can be deployed remotely and managed from a central location. Your endpoint protection platform should also include a strong anti-exploit component in order to shield unpatched programs and legacy systems.