Remote work is the way of the future. Employees who are able to do their jobs effectively from home are now often given the option to skip the commute and work remotely. Unfortunately, this creates risk for the company.
Remote work carries great risks of information interception, device theft, and malware. Here are some ways to mitigate these problems.
Take Control of the Devices
It’s tempting to just hook your employees’ home devices up to a Virtual Private Network (VPN), but this is usually a bad idea. VPNs are absolutely password-secure, which is good for stopping interception of information on the Internet, but useless at fighting the vulnerabilities of devices.
If an employee’s device has a security flaw, then it can be used as a route into the network as a whole.
About 95% of security issues can be fixed by regularly applying security updates to the software on devices and refusing to install non-secure software. If you give your employees admin privileges over their devices though, not everyone is going to act responsible. However, if you admin all the devices on your network remotely, then you will have control over all software changes.
Use Internal Firewalls
It’s a pain to continue to set allowed ports and programs, but firewalls go a long way to limiting the damage of any intrusion. There are only a limited number of programs that need to communicate between devices, so open ports for those programs while blocking the rest.
Educate Employees about Phishing
We like to think of “hackers” as the movies portray them”: reclusive geniuses who type fast while shouting nonsense. Unfortunately in reality, they are normal people who have learned how to exploit others.
Many hacking attempts start as “phishing” attempts to scam users out of their passwords. Make it clear to employees that there is no reason for them to ever tell their password to anyone else in the organization. Set up the possibility of guest privileges and alternate accounts to discourage account sharing.
Invest in Professional Security System Design
No blog can cover even 1% of what a security professional knows about designing a safe system. If you hire a pro to test your system and make changes, then you know that you have done as much as possible to provide real protection to your employees and customers!