What are the challenges of remote working?
For employers one of the main challenges of remote workforce management is monitoring productivity and ensuring staff are available when they are expected to be.
However, secure remote working is more of a challenge when trying to maintain rigorous cyber security. These include:
- Monitoring the devices that staff are using for business purposes.
- Preventing staff using public or badly secured Wi-Fi networks.
- Remaining GDPR compliant where employees could be storing client details on personal devices or using shared internet connections or personal hotspots.
- Ensuring communication systems between remote workers and the office are secure when discussing sensitive data.
- Maintaining regular communication between staff and the IT team and solving issues before they become problematic.
Why do remote employers pose a cyber security risk?
Challenges associated with home working are not always due to the actions of the employee but can also be down to infrastructure weaknesses within the company.
- Employers may not have adequate back-up and recovery systems in place, meaning data can easily be lost if there is a security breach.
- Within the office environment setting employees up with unlimited data access may not be an issue but can lead to a vulnerability against hackers when working remotely.
Why do remote workers pose a cyber risk?
Many cyber security challenges can be posed by the behaviour of the employees, which is not easily monitored with remote working. Such challenges may be posed by:
- Using public or badly secured Wi-Fi connections which could make them more vulnerable to data breaches.
- Weak passwords or no password on devices used for business purposes.
- Using the same device for personal and business use. Should malware, ransomware or a virus be downloaded with a file for personal use, then all business data could also be lost.
- Using personal hardware rather than the hardware provided by the company.
- Transferring data between a business and a personal computer.
How to ensure your employees are secure when working remotely.
As with many things the best form of defence is education. Remote workers need to have clear guidance on security policies, BYOD policies, how to keep PCs and data safe from security threats, how to spot phishing attempts, and the dangers of opening attachments and clicking on links.
Whilst having this written down in an email is a great reference tool, regular training sessions either face to face or via video conferencing will enable staff to ask questions and keep up to date.
However, there are a number of cyber security solutions that should be implemented to protect company data from threats:
- All employees should be provided with devices to be used for business purposes only and set up with dual-authentication logins.
- All hardware provided to employees should have up-to-date anti-viral and anti-malware software.
- Cloud Management Suite could be used which makes it easier for employers to keep data secure, whilst limiting access and sharing rights amongst employees.
- Employees should have a local back-up on their hardware to limit the possibility of data loss – this could be through a centralised data back-up or cloud back-up system.
- Have frequent communication between IT teams and remote staff as it may raise issues before they become a problem.
- Monitor what employees are doing online through cloud-based tools that can show when they are online as well as what projects they are working on.
- Only provide workers with access to the data they need to complete their jobs, therefore preventing vulnerability to cyber-attacks.
Cyber Security Tips for Remote Workers
Whilst it is impossible to be 100% safe from cyber-attacks, by following these seven tips for computer and network security it will be a lot harder for cyber criminals to infiltrate systems and compromise the safety of your data.
- Keep work data on work computers: If the company provides devices for work purposes, only use them for work purposes. Don’t be tempted to work from personal devices no matter how convenient it is, as there may not be protected by the same level of security.
- Encrypt sensitive data: Ensure all files containing sensitive data are encrypted to make it harder for data to be stolen.
- Encrypt devices: Using local drive encryption software like BitLockers, makes the device difficult to access should it be lost or stolen.
- Avoid public or unsecured WiFi: This could leave your device open to vulnerabilities. Always use encrypted Wi-Fi for business or ensure your home router has been encrypted.
- Update software security system: Anti-virus and anti-malware software is only effective if it is kept updated. Always make sure the latest versions of software are installed, and all updates are done as soon as they are available.
- Safeguard internal communication: Rather than connecting to company servers through the personal home internet it is preferable to use a VPN (Virtual Private Network) which can be set up through the home router and can be used purely for business.
- Strong passwords: Long passwords of at least 12 characters, with a combination of upper and lower case, symbols and numbers are best. Avoid things like favourite TV shows or pets. Multi-factor authentication is advisable with pin, facial or fingerprint scan in addition to a password.
If you are concerned about the safety of your home workers’ data, or feel your cyber security solutions could be improved go to https://www.cisltd.com/services/cyber-security/ or speak to a member of the CIS team today to find out how we can help.