Remote work has become an increasingly popular option for workers everywhere. But working remotely comes with its own share of security risks to employees and businesses as well!
In this webinar, we define the risks of remote work to employees and businesses, as well as some best practices to take in order to avoid security risks working from home.
What do we mean by WFH?
Working from home (or WFH) doesn’t mean just literally “working from home”: WFH includes work done remotely. When we use “WFH” or “remote work,” we are referring to work done outside of the traditional office environment.
Why Consider WFH?
Here are 5 great reasons to consider WFH:
- To eliminate commuting: working remotely saves money on insurance and especially gas prices which are sky-high at the time of this writing (June 2022).
- To have more time and fewer distractions: on top of eliminating commute times to and from the office, some people find the office environment can be very distracting (shout out to ADHD colleagues, we see you!)
- To increase productivity: less distractions means more productivity, but working from home also means you aren’t pulled into meetings unexpectedly, and colleagues can now send you a message to ask questions instead of making a pit-stop at your desk
- To increase flexibility: here at Clearbridge, remote work means extended support for our customers! For example, our ops technicians on the East Coast can provide service hours before our West Coast offices open, increasing overall service hours, which is a win for all our customers!
- To enhance work-life balance: your saved commuting time can go towards organizing your room, doing some laundry, or even preparing dinner instead of ordering take-out! WFH can enable a healthier lifestyle at home!
Here is what you need to keep in mind when considering WFH
- Risks for employees
- Risks for companies
- Creating a WFH security policy
- Best practices to avoid security risks when WFH
Risks for Employees
When employees work remotely, there are several situations where their data is vulnerable:
- Accessing sensitive data using unsafe Wi-Fi networks: public Wi-Fi connections, while convenient, are not always secure and could be faked by a cybercriminal sitting in that same coffee shop you decide to sit in.
- Ignoring basic physical security practices in public places: avoid exposing laptop screens or leaving devices unattended. When possible, sign out of your computer, lock your screen, or close your laptop to be doubly sure nobody can access your information.
- Using weak passwords: good password habits ensure your personal identity is protected and company data is safeguarded in the event of a breach. Watch our webinar on creating stronger passwords here.
- Using email to share files: Email is by default NOT secure, which means any files you send through them can be intercepted by a cybercriminal. We always recommend using your company’s file-sharing system (Google Drive, MS SharePoint, etc.) as a safer alternative
Risks for Companies
Remote working has its share of risks to companies too:
- Email scams: sophisticated phishing emails are challenging for employees to recognize, leading to them inadvertently giving access to company networks and private information.
- Personal device usage: while using personal devices saves on expenses, it exposes companies to cyberthreats or data breaches. Have a policy around the use of personal devices to enforce cybersecurity practices.
- Weaker security controls: most workers take their company devices home with them and don’t have the same level of protection their office does. Enforcing additional security measures is critical to protecting your company.
- Threats everywhere: employees may let unauthorized users (like family) use their work devices, which increases the risk of malicious software and websites being accessed.
Creating a WFH Security Policy
When creating a WFH security policy, ensure the following:
- Clearly define which positions are eligible for WFH
- List the approved tools and platforms for use
- Provide employees with steps to follow at the first signs of account compromise
- Provide employees with training that will help them recognize the risks and know what to do when cyber incidents occur
Best Practices to Avoid Security Risks when WFH
Here are a few common best practices which you can implement today:
- Enable multi-factor authentication (MFA): MFA provides an additional layer of security. The more security layers in place, the harder it is for cybercriminals to access your information. Read more about MFA here.
- Use a password manager: These tools organize and protect your passwords, as well as encourage stronger, unique passwords. Password managers require a complex password and/or MFA to access your password list.
- Keep software up to date: install the latest software as soon as possible, as updates help patch security flaws and safeguard your computer.
- Learn how to detect phishing scams: understand the key signs of a phishing email, and always be vigilant! Watch our video on how to detect a phishing email here.
This is a LOT of information to take in, so we’ve created a one-pager with the key takeaways for you down below.
At Clearbridge Business Solutions, we’re dedicated to equipping our customers with the tools they need to be more cyber secure through managed IT services and educational resources.