Fractional HR, strategic and practical.

Cybersecurity And Remote Work

Cybersecurity

Allowing employees to work remotely requires a lot of trust. You trust them to do their job well, and most do, however you also have to trust them to not do anything foolish or compromise customer information or company data from their remote work environment.

When they work remotely, you have to trust that they are following the correct protocol in keeping information safe, however, when you have a lot of employees that aren’t savvy when it comes to cybersecurity, they can unknowingly jeopardize the company.

Let’s face it, most of your employees know very little about scams, hackers, and how a simple act of carelessness could mark them and the company as easy targets.

Safety and security measures for your remote employees is also a big deal to your customers, as well. Some customers may even refrain from doing business if they feel like your operations are risky.

At the end of the day, hacks and stolen information can not only be costly for them financially, but can also ruin their reputation.

While you don’t need everyone to get technical degrees or dive into the news daily to see what new threats they could be facing, there are some things you should require as a company, or things you can work with your IT department to do that will help protect both your employees, your customers, and your company.

Here are 5 Things you can do to Help Protect your Company.

Proper Password Protocol.

People hate remembering passwords.

So, they pick one, and they apply it to every login, from their bank account, to their social media, to their online shopping. Terrible, we know!

What’s worse, is they pick a name that can be easily discovered in online searches, such as a child’s name, or birthday, or just a ‘123’ at the end.

Let’s not even talk about the people that use “password” as their password.

Every new hire training you have should include a session on how to pick a unique, proper password that is only used for work, and follows best practices for nomenclature.

It should be emphasized that this is also not to be written down on a sticky note attached to their computer, as well.

Require VPN access.

Your company should have a Virtual Private Network (VPN) established for when employees are working remotely. This means that they have to log in through this network before they can access company sites, or customer information.

As most workers will be working on their own Wi-Fi, you’re putting a lot of trust that they have it set up securely, and that more than likely may not be the case.

A VPN can help thwart some of those issues.

Employer provided devices.

Providing employees with company devices is a major step you can take in protecting your company.

When remote workers use their own devices, you run the risk of viruses being passed along through files, or that they don’t follow the best practices for protecting their own equipment with solid passwords. They also could have directly downloaded files that would be easily viewed if their laptop was stolen.

You can monitor on your own devices if they are following company protocol when it comes to using the VPN in order to access data (which is also recommended, by the way).  This isn’t intended to spy, but should be used only when it’s necessary to monitor best practices.

Frequent Training Sessions.

It’s very easy to attend a training session, and forget what you learned a week later. Your company should have frequent, mandatory training sessions, with attendances being recorded for who attends (even remotely).

Great topics include Passwords and VPNs, as we’ve previously discussed, but also best practices about sharing files. Go over common scams, and “Do’s and Don’ts” such as refraining from sharing links that seem suspicious on the company chat.

Also, let employees know the best way to report incidences or suspicious behaviour, so if something is detected, you can let everyone know immediately, before it has a chance to spread any further.

Blacklist of Sites.

It’s not uncommon for workers to take breaks throughout the day and check in on some of their favourite sites, however, this should be prevented, if at all possible.

Although it may not make you very popular with the cool kids, it’s important to protect your hardware. Creating a blacklist of sites that serve no purpose to your company is one step you can take in keeping viruses and malware at bay.

Create a policy, if you must, on refraining from using those sites on work devices, and encourage workers to do so on their own cell phones or personal laptops.

Employees may be more receptive if you let them know ahead of time, and explain why this is so important to do.

At the end of the day, it takes everyone being careful and learning as much as possible about cybersecurity issues to keep your data, hardware, and employees safe. This is very much worth the time and money it takes to invest, in order to stay on top of such pressing issues.

Exit mobile version