[BreachExchange] Managing workplace safety for remote employees
Destry Winant
destry at riskbasedsecurity.com
Wed Nov 28 09:19:36 EST 2018
https://www.techzone360.com/topics/news/articles/440428-managing-workplace-safety-remote-employees.htm
In the last decade, remote working systems have been welcomed in more
organizations to encourage flexibility amongst other reasons, and the
percentage of employees that telecommuting has been steadily
increasing.
These remote working systems allow employees to work from their
preferred location outside the office and the problem of managing such
employees may result. Even with remote employees, it is important to
ensure that the standards and security of an organization are not
compromised.
To address the extra concerns that may arise because of the remote
location of some employees, it is important for managers and HR
personnel to adopt certain measures. These measures which include
searching for the best VPN services are highlighted in this article.
Password security
With remote employees, password security requires much more emphasis
than with employees that show up at the office daily. Thus, the
importance of ensuring the safety of every work-related password
should be emphasized.
Points of strong emphasis should include the use of strong passwords
that cannot be easily predicted by cybercriminals. Passwords that can
be easily predicted include those with the user's personal details
such as name and birthdays. Proper storage of passwords should also be
emphasized. Passwords could also be stored in a central password
manager which should also be properly secured. The passwords should
also be updated regularly to ensure improved security.
Security of work devices
Depending on the location from which a remote employee works, their
work devices could be accessed by unauthorized parties, and emphasis
should be laid on the importance of protecting work devices from such
parties.
This may involve the implementation of screen lock for work computers
to prevent such unauthorized access whether from family members or
flatmates. Unauthorized access could compromise the security of
sensitive company information, and remote employees should be
sensitized on the importance of keeping their work devices away from
unauthorized access.
Work devices can also be made less obvious by avoiding the use of
company logos as wallpapers as well as the use of company stickers. If
a remote employee decides to work from a coffee shop for a day, for
example, the company sticker or logo will give them away as employees
of the organizations. Hackers tend to know the habits and mistakes
which remote employees could make and capitalize on these
vulnerabilities as much as possible.
The security of work-related devices also extends to portable devices
such as USB drives which must be well protected because such devices
are targeted by cybercriminals. If a file has to be in a USB drive for
a period that extends up to a week, a form of encryption should be put
on this file. These USB drives should also not be branded ones which
will draw more attention, especially when used in public spaces.
As regards the security of work devices, it is also important to
ensure that the applications on every work device are the latest and
most secure versions. Updates of applications are regularly released
to prevent security breaches, and these apps should be updated on work
devices as soon as they are available. Cybercriminals may take
advantage of the loopholes which have been fixed in the updated
version to access work devices.
Remote employees should also be encouraged to disable connections such
as Bluetooth when they are not in use as a hacker can access a work
device through such connection. Once a cybercriminal has targeted a
remote employee, they will seek every means of stealing information
from the employees and the connection that was left on may just be the
means.
Online security
Remote employees constantly need to access the Internet and
emphasizing the importance of enhancing online privacy and security
with tools and devices which include a VPN. When the traffic data of a
remote employee is protected with a VPN, communications become secure
and online activities become anonymous.
The use of a VPN also ensures that the employee can maintain
uninterrupted communications with the server of the organization even
when they change locations as some remote employees tend to do over
time. A VPN on all work devices is also a necessity because of those
moments when an employee needs to use public Wi-Fi, although the use
of public Wi-Fi without a VPN should be strongly discouraged.
Managers should recommend or provide the best VPN services for remote
employees as the security of company data strongly depends on the use
of a strong and efficient VPN.
Information security
Information sharing by remote employees should be made as secured as
possible. The implementation of measures such as using a strong VPN
and avoiding the use of public computers and Wi-Fi is necessary to
achieve information security.
Remote employees should be made aware of how their activities could
jeopardize the security of company data. Remote employees should also
be empowered on how to prevent security breaches to achieve workplace
safety.
More information about the BreachExchange
mailing list