Reduce the Security Risks that Come from Remote Work
The increase in remote work situations means businesses face an increase in security risks, too. There are a few reasons for that. First, there’s simply an increase in the number of cyberattacks, particularly those targeting specific industries like manufacturing and the public sector. In addition, workers at home are more vulnerable to phishing emails, as they mix personal and business communications and are distracted by non-work activities in their home working environment. There are more third-party products and applications being used, increasing risks from vendors.
Risks from Remote Workers
Those increased threats and vulnerabilities mean businesses need to address specific risks from remote workers. These include:
Poor physical security.
Homes and coffee shops are not locked down the way business sites are secured. Devices may be shared with non-employees.
Poor network security.
The networks at home may not be properly secured. Employees who choose to work at a remote site outside the home may select an insecure network.
Poor security training.
Employees, whether working at home or on premises, are often not well trained on safe computing practices. Even when employees receive training, safe computing practices are often put aside to accomplish work objectives and meet deadlines or other efficiency metrics.
Reduce the Risks from Remote Workers
Both the public health and business environments mean that remote work will not go away, so businesses need to take measures to address those risks.
Businesses should start by having a remote work policy. This policy should describe who can be approved for remote work as well as what they are required to do to ensure a secure remote workplace. There should also be a defined procedure for reporting security incidents.
Businesses also need to support their workers in implementing secure workplaces by supporting any needed tools, such as encryption and a VPN. Business may also need to support employees who don’t know how to use tools that come with their devices, such as built-in firewalls, or how to secure their routers and printers. In addition, businesses may need to implement solutions such as mobile device management software or Desktop as a Service to gain more control over the devices remote workers use to connect to corporate systems.
Finally, businesses need to provide ongoing training to remote employees to ensure they understand the need for safe computing and know how to implement safe computing practices.
Remote work is not going to go away, even if the COVID-19 virus disappears completely. Download our guide to check whether your business is ready for remote and hybrid work scenarios.