Cyber Security Considerations for Mobile and Remote Employees
April 17, 2018
Seven tips to protect your organization’s systems and data
Across many industries, remote work has become a fact of life. The New York Times reported on a Gallup survey that revealed 43% of U.S. employees worked remotely at least part of the time, adding that “those who spent 60 percent to 80 percent of their time away from the office had the highest rates of engagement.”
Whether mobile employees are working from the road, at customer sites, or remotely from home offices, corporate IT staff has less control over the IT environment. Here are seven tips to help you manage cyber security for your remote employees:
Establish an IT security policy for mobile and remote workers.
HR and IT should work together to develop a policy that educates employees about the security risks of remote work and provides guidance about what actions employees should take to secure their technology as well as any steps the organization will take. Finally, the policy should have specific instructions about what employees should do in the event of a cyber incident that may have exposed the company’s data.
Ensure secure connections to the company network.
Mobile and remote employees need to be able to access business computer systems in order to perform their jobs. But you can’t let their access from a home computer or mobile device endanger your business network. IT will need to formulate a plan for securing remote connections through a Virtual Private Network (VPN) or network hardware that encrypts network traffic to and from remote computers.
Guard against malware infection.
Require remote employees to run anti-virus, anti-malware software on their devices and laptops. But that is only one layer of protection. Your company will also need security “tools that make sure remote computers have security patches installed, are configured correctly, and are monitored for signs of infection.”
Teach good password hygiene.
Weak passwords or passwords that are not stored securely make a hacker’s work easy. Employees need to create strong passwords, with random combinations of letters, numbers and symbols. They should change passwords regularly (IT can force users to create new passwords for login to many business systems). Never use the same password for corporate systems that you use for websites.
Avoid public WiFi.
Traveling employees should not connect to public, unsecured (no password required) WiFi networks, such as those found in hotels (including the business center), coffee shops, and airports. Instead, use mobile data plans for smartphones. Either tether laptops to phones or have employees use mobile broadband cards.
Secure laptops and devices.
Lost or stolen devices such as phones, tablets, or laptops can cause critical data breaches. Places like airports can be especially vulnerable. Employees should keep devices in their carry-on bags. Laptops and phones should be password protected. Your IT department may also wish to install software to remotely wipe or permanently disable company-issued laptops or mobile devices. Employees should know how to report stolen devices promptly to the IT department.
Evaluate data privacy compliance.
Depending on your industry and whether your company has global customers, you will need to consider data privacy laws. Evaluate whether remote data access from your mobile employees could result in any data loss that would jeopardize your company’s compliance with laws such as HIPAA or GPDR.
There are many benefits to mobile and remote employees, including higher levels of engagement and productivity. But companies must also consider data security concerns and create solid IT and HR policies to protect the business. Asure Software Mobile Workforce Management solutions provides companies with technologies to keep pace with their mobile workforce.