Today we are in the age of the mobile workforce. From salaried experts to freelance contractors, it is now possible for almost any kind of employee to work remotely. And if your business is configured correctly, you can offer remote work and telecommute days as a very tempting employment opportunity. Working remotely can mean not having to move for a job or being free to take an endless ‘working vacation’ traveling around the world. Some people work from home, on the train, or in a shared working environment.
Data Security for the Mobile Workforce
Remote work and telecommuting technology also allow business-tripping employees to get more done and stay better connected while on the road. But all of these new opportunities also come with new security risks. Once employees are no longer on company computers on the internal network surrounded by trustworthy coworkers, a security breach could be around any corner. One simple human mistake away.
This is exactly why businesses and remote employees need to work together to build secure apps, procedures, and security policies that will help protect company and customer data absolutely. Today, we’re here to talk about the top 13 steps every company with remote employees should take to ensure data and network security.
1. Provide Laptops and/or Phones
The first major concern when managing mobile positions is BYOD, or Bring Your Own Device security risks. Essentially, you can’t count on employees to keep their own personal laptops or phones clean of sneaky malware or insecure apps for personal use. People experiment with app, use social media, chat, open files, and all sorts of things that aren’t data-secure on their personal devices.
BYOD can save the company some money, but company-provided laptops or phones can be kept much more secure. Not only will you have greater reasonable control over what is installed on the devices, but employees will also have an easier time remembering not to download potentially insecure personal-use apps.
2. Create a White-List and Black-List of Apps
When maintaining app security and ensuring no lurking malware is riding into your network through remote employee devices, the best way to do this is to have a white-list of apps, programs, and default settings. In other words, a secure ‘reset’ configuration that a device can be wiped and reset to, then be able to do all the work-related tasks needed. If there’s a questionable app or piece of data on a device, check it against the whitelist and wipe if it’s not on.
Likewise, a blacklist is a list of apps, data, and other activity that is known to be a threat. This might be known malware, insecure apps on the app store, or types of data that tend to indicate hidden malware. These things should immediately red-flag on device scans and there are some ways to ensure company devices won’t even install certain apps.
3. Do Regular Device Scans and Updates
Remote and telecommute employees connect to your business network and important documents with their devices, but devices outside the office can pick up malware in many ways ranging from phishing emails to unsecured public wifi. If your employees occasionally come into the office, ask to do device scans then to make sure their laptops and phones aren’t carrying any hidden viruses.
And if they never come into the office, you can your remote employees copies of good scanning software. Then ask for scanning reports two-four times a year and you can ensure that devices are clear of any detectable problems. You can even ask everyone to reinstall the operating system once a year, which is a good excuse to clean up personal files and create backups of anything important.
4. Stick to Private Secured Wifi Networks
Unsecured wifi networks are, in fact, one of the biggest security risks in the mobile workforce. Most remote professionals are used to picking up whatever wifi network is available, from the public library network to the local Starbucks. And while there are many little harmless wifi networks in the world, there are also many trap networks hosted by hackers with ill intent.
The problem is that a wifi host who knows what they’re doing can access and infect any device connected to them. And they do this by pretending to be local business wifi or conspicuously insecure residential neighborhood wifi. Fortunately, the solution is simple. First, advise your remote workforce to stay away from unknown wifi networks. Then supply them with mobile hotspots to provide their own company-configured secure wifi network in any location that can get a signal.
5. Prohibit Use of Public Computers
Along the same lines, your remote team members should also be wary of public computers. In hotels, libraries, shared working spaces, and lobbies of any large office building. Hackers love public computers because they can install keylogging and spyware software, then collect the passwords of dozens of people who pop in to use the computer on their way through.
6. Idle Time Log-Out
Any website portal, app, or software your company uses should automatically log users out on idle or device sleep. This ensures that no phone thief, next computer user, or friend borrowing a device can easily gain access through a secured employee account. Automatically logged-in apps and websites are the opposite of secure. We suggest using clever password-alternative log-ins to make reentry easy for employees and near-impossible for onlookers or password-cracking malware.
7. Keep It On the Cloud
One of the best ways to keep your company data secure from local-network attacks is to keep your files and services on the cloud. A DMS (cloud file storage) ensures that your employees never download an infected file directly. And cloud-based collaboration platforms make telecommuting easy for your remote team members. As long as you work with secure reputable cloud providers, cloud work also makes backups, restorations, and integration easier.
8. Encrypt Everything
Any remote communication, with employees or customers, should be encrypted at every possible point. Encryption puts all your data into an unreadable code. Even if a hacker steals your data, they won’t be able to use anything encrypted because they don’t have the encryption key. This isn’t as important inside the office network, but data can be stolen in-transit through the internet as packets. So emails and work files sent back and forth from mobile employees creates a tappable line of company data.
Encrypted data can’t be read. So at the minimum, encrypt your business emails. Ideally, all of your business software will be encrypted on both ends to ensure that any data stored in a device or traveling over the web is encrypted at all times.
9. Never Trust an Unknown USB
You’ve probably heard that links in emails are dangerous. But USB connections are just as likely a vector for malware and infection. Any thumb drive or device connected by USB can be infected with a planted virus, root kit, or any number of nefarious add-ons. Often masked as legitimate files like music or PDFs.
As a policy, ask your mobile workforce to never connect a USB thumb drive or device-to-device cable to their company laptops or phones. Charging can be done through a socket-to-USB converter, hubs, and devices. But connecting to any unknown data source has a very high risk of malware infection and direct hacking.
10. Enforce Password Security
It’s incredible how much passwords still matter in an age of iris and fingerprint scanning devices. But they do. Passwords are the one universal security measure that can be managed through websites, mobile apps, email, and self-help portals. And the quality of a password really does matter. Simple and easy passwords can also be simply and easily cracked by force programs that guess the top several thousand most likely password combinations. Some use elements from a target’s social media to guess their favorite words and significant people or dates.
So teach your workforce to craft high-quality passwords using the acronym method. Only they will know which acronym they chose and it’s easy to remember.
11. Always Hide Passwords and Pins
Speaking of password security, never ever allow passwords or pins to be printed on a screen. Hackers have been known to target remote workers and get a personal or camera angle on their screens in order to steal passwords. Which is particularly dangerous because, for most people, one password works for a lot of different accounts. Help your team members keep their passwords safe by never permitting a password to be visible in more than character count. And, if you ‘remember’ passwords, don’t even display the character count.
This is one of the best possible ways to help mobile and telecommuting employees who work in public keek their passwords secure.
12. Laptop Lock-Up Policies
Laptops are one of the most popular items to steal of all time. They are valuable, portable, and often full of profitably private corporate data. Remote working professionals are also easily identifiable by their mobile-office setup and businesslike demeanor in public places. City thieves are known for waiting until a laptop was briefly unguarded or momentarily left unwatched to strike. Laptops also commonly disappear from hotel rooms through one illicit route or another. And other mobile devices are not any safer.
Teach your mobile employees to keep their laptops and work devices on their person, in their sight, or locked away at all times. Consider providing locking laptop bags that are easy to carry on-the-go. Offer advice on locking drawers, and help employees build a device security routine. Device tracking when out of the house can also help find devices if lost or stolen.
13. Monitor Your Network
Finally, make good use of network monitoring. If a remote employee is hacked or accidentally exposes the company to malware, network monitoring gives you the best possible chance of detecting it. Network monitoring establishes a baseline of how your network runs and can, therefore, identify anomalies caused by hidden malware lurking and using resources. It may also be able to detect unusual files coming in from remote employee connections.
Keeping your company safe and providing remote work opportunities is an interesting balance of connectivity and tight security. By providing devices, training, and regular malware screening you can help remote employees and ensure company-wide data security. For more insights on how to implement a secure remote and telecommuting workforce, contact us today!