|
|
Remote employees are one of the biggest concerns for companies in relation to cybersecurity. Companies spent years developing their server hubs, firewalls, automatic backups, and other security protocols to keep data safe. But with more employees working remotely, more employees are working outside that carefully secured environment. They represent the biggest risk when it comes to data breaches.
Businesses need to have strict protocols in place for remote employees to ensure data protection, and provide appropriate access to what is needed to secure data in remote locations. But what are the main things that company IT teams and remote workers need to think about in relation to cybersecurity?
Antivirus, Adware, and Malware Protection
These days, antivirus and malware protection works pretty well, so most of us don’t think too much about it, until we forget to renew, and our computer gets so clogged up with malware that it slows down to a snail’s pace. This is annoying, but it can also be much more serious, as these security breaches can facilitate the kinds of cybercrimes that see the personal data of millions of customers leaked.
If you are in the office, your company’s IT team is probably implementing protective software and ensuring that it is updated on a regular basis. Company IT teams should be providing that same software to remote workers and sending regular reminders to update. Remote workers need to prioritize those updates and confirm when they are done. While conducting these kinds of updates can feel like a time vampire, if your company does suffer a major data breach and it is identified as coming from your device, there could be significant consequences for you.
Password Creation and Security
These days everything requires a password, so it can be tempting to recycle the same passwords or choose things that are meaningful to you. But this is always a bad idea as it can make it easy for people who have enough information about you to guess your password. It is easier than it looks! How many times have you posted a picture of your dog with their name or uploaded a birthday shot?
Whether it is personal or work, we should all be concerned about passwords. Say you sign up for an online service that you plan to use once for a project, and you use a password, that happens to be the same as your Netflix password. Once your first password is detected, they can also access your Netflix using the same email and password. And this doesn’t just risk your account getting blocked for multiple logins. Your Netflix account has payment details that link back to your bank. It is all a very slippery slope.
All employees should have access to a password manager as standard to ensure better password protection. They can generate complex passwords that no one will guess, and also remember those passwords for you so that you don’t have to. You just need to remember the password to your password manager, and make it a good one.
Learn more on our page about preventing identity theft for digital nomads.
Two-Factor Authentication
These days, most companies are implementing two- factor authentication to their sensitive systems. This is simply requiring two levels oof authentication, often your password and then a security code sent to or generated on an authorized device. This means that if a list of passwords is stolen, access is still blocked unless a person has both the password and the authorized device.
VPN
Remote workers can often be transferring sensitive data over the internet, giving hackers the opportunity to access and exploit that data. The easiest way to prevent this is with a VPN, which masks your internet activity from outsiders and encrypts all data that you transfer online. While this does not make your data 100% hack-proof, it makes it challenging enough that hackers are likely to look for easier targets.
We’ve previously argued that everyone should use a VPN most of the time to protect their identity when they go online. But company’s should certainly be implementing VPN protocols for workers,
Cloud Backups
If something happens to your computer, whether it is stolen from a coffee shop or has a spontaneous meltdown, you can lose everything you have been working on. This is why remote workers need to back up work to the cloud regularly so that it is still available for them and colleagues to work on as needed.
This is not the same as using online syncing services such as Dropbox, OneDrive, or Google Drive. These are great services for collaboration, letting you access the same documents from different devices, and ensuring some of your work is available if something happens.
Cloud-based remote backup services make periodic copies of your entire device, down to the disk level, or you can choose what to back up to save space. I remember at my last office job this used to happen on a weekly basis, and I was told to leave my PC on one night a week so that the automatic backup could happen.
The main benefit of a backup is that if something happens to your device, you can restore everything with just a few clicks and pick up where you left off.
Read our complete guide to the best cloud back up services for digital nomads.
Device Security
Another big concern with remote workers is device security, as they are taking company devices, or personal devices with company data on them, off secure premises. Those devices are vulnerable to being stolen and exploited.
There are a lot of things to consider when it comes to device security, starting with:
- Password protection: all devices should be password protected, and with something harder to crack than 123456.
- Line of sight: Devices should not be used when others may have line of sight of your screen and keyboard. Part of this relates too where you work, but you can also use things such as screen shields to prevent anyone from being able to look over your shoulder in a busy café.
- Remote tracking and wiping: Devices should be properly attended, and should not be left on café tables when you pop to the bathroom or in cars. But if your device is stolen, you should be able to perform a remote lockout and track the location of the device. If the device can’t be saved, remote wiping should be an option.
Security as Part of Remote Work Policies
Remote work is changing the way we work, and companies have to keep up when it comes to HR concerns, tax liabilities, and cybersecurity.
The truth is, doing cybersecurity well doesn’t have to be challenging with the right investment in technology and appropriate training. But as the workforce becomes increasingly IT literate, we expect and assume that people know basic things such as backing up regularly, remote wiping of devices, and choosing strong passwords, but as things become more common place, we also think less about them. So, as well as investing in the right technology, it is also essential for companies to invest in the security awareness of their staff.
