As a business owner or an IT professional managing through the coronavirus outbreak, you’ve had to quickly make big decisions about your company, including having many of your employees work from home for the foreseeable future. While some work streams translate easily enough to WFH—thanks to cloud-based solutions—digital network security does not.
To ensure your employees’ remote locations are as digitally secure as your regular offices, Xerox Chief Information Security Officer Krishna Marella shares seven best practices your company can follow to reduce your exposure.
Prioritise Using Company-Issued Laptops
Employees working from home may be tempted to use their personal laptops, and you may be tempted to let them to avoid the cost of new devices. But you should resist that temptation. One key benefit to having employees use work-authorised laptop is your company can manage security updates and patches, pushing those electronically to devices as needed. This allows everyone on your team to receive the same security measures, no matter where they are. (Note the user will still need to accept/approve the updates.)
And Make Sure Workers Still on Personal Devices Don’t Use the VPN
We know not everyone has a work-issued laptop. If you have workers using their personal devices tell them not to connect their personal device to use the company VPN. Instead, instruct these employees to access work platforms via a virtual desktop infrastructure to access internal company resources. “We don’t know what is on your personal computer,” says Marella. “It can have malware, and, if you connect to your work network, that could smoke out an entire company network in a matter of minutes.”
Ask Your Employees to Check Home Wi-Fi Networks
When your employees are using your company Wi-Fi network, you’re able to monitor who logs onto it—and you can block any unauthorised users. Now, it’s your employee’s responsibility to know who is using their personal Wi-Fi systems. Have them log in to their Wi-Fi routers and check who is signed into them. If there are devices they don’t recognise, they can block them from using their Wi-Fi—and potentially hacking into your network.
Protect Your Sensitive Work Documents
One of the most effective ways to protect sensitive documents is to grant/restrict access to who can view or edit each document. “This is simple stuff, but not many people know about it,” says Marella. By doing this, only those who are supposed to view a document can see it even if the document gets forwarded via email.
Repeat these Four Important Words: Back Up Your Docs!
Funny things can happen when your employees work from home, like their children spilling something on their computer, frying the hardware before a critical document is saved. Whenever possible, Marella would have employees work on your company cloud platforms. These platforms not only automatically save documents, but they also allow for multiple users so “if something happens to one of your employee’s computer tomorrow, you have all of your documents in the cloud,” notes Marella.
Verify Emails from External Sources
Marella has spent 20 years in the cyber security industry, and he is careful while opening emails from external sources. “It’s not very hard to impersonate an email,” he says. To prevent successful phishing attacks on your network, he suggests to employees they hover over the sender email and hyperlinks so they can view the full address and verify it.
Make Sure Your Employees Don’t Overlook Basic Precautions
When our days feel extra busy or we’re distracted, it can be easy to overlook the fundamentals of good digital hygiene. To stay sharp, send out a regular reminder to your teams to sign out of all work-related programs after each use, don’t repeat passwords, and change their Wi-Fi passwords every other month.
These simple steps may feel of limited necessity in a world where most important work activity takes place on your protected network. But when members of your staff are working remotely and all activity is distributed, your entire network is only as secure as the weakest link. It’s up to you as a manager to rally staff to see how these best practices add up to a secure network—and how everyone on the team ultimately relies on that to get the job done.
Via Xerox, Seven Ways Businesses Can Strengthen WFH Security, 2020.