Don’t Miss the Remote Security Boat

November 7, 2019

Remote work provides many benefits to employees, employers, and the environment in the form of boosting worker productivity and efficiency, helping to attract and retain employees, lowering overhead, and reducing vehicle emissions, among other advantages.

But the growing trend also brings its share of challenges, from data leaks, security gaps, and lack of accountability.

In 2016, about 43% of U.S. employees worked remotely, an increase of 4 percentage points since 2012, according to Gallop’s State of the American Workplace. The report also found that employees are increasing the frequency of their remote work.

Offering a remote workplace can help increase an employer’s candidate pool and retain existing employees. A Stanford University study in 2017 found that employers who offered a work-from-home option experienced a 50-percent reduction in employee turnover rates.

Additionally, companies have reported significant reductions in operating costs from shifting some employees to remote work. Aetna, for example, saved about $78 million in real estate costs by making 41.4 percent of its 35,000 positions entirely remote, according to Forbes magazine.

But remote work also comes with an obstacle course of hazards related largely to security and accountability of the employee in following the company’s policies and protocols.

Businesses can address these pitfalls with effective, documented, and clearly communicated policies and protocols for remote work and requiring employees to sign them.

Among some of the hazards are remote employees connecting to public Wi-Fi at their local coffee shop or at the airport – two of the many places remote employees might work.

Unsecured wireless networks can compromise the company’s sensitive data. A solution is to provide employees with a virtual private network (VPN). Through encryption, VPNs foster virtual peer-to-peer connections and safeguard information transmitted online while protecting internet connections from trespassers. Furthermore, disabling split-tunneling while connected to the corporate VPN enhances security by forcing all network traffic through the more secure connection.

Another effective policy is to restrict the use of company-issued smartphones and computers to work-related tasks.

Nearly half of employees surveyed by Cisco and market research firm Insight Express in 2014 admitted to transferring files between work and personal computers when working remotely. Such transfers present security gaps in which third parties could wittingly or unwittingly access the company’s or employee’s confidential information.

Installing a cloud-based employee-monitoring software on devices enables businesses to hold their employees accountable for complying with the policy. Mobile Device Management technologies allow organizations to restrict and monitor usage on mobile devices, and implement rules to curtail certain behaviors.

Regular training on how to be alert for suspicious activity during email communications and work on internal platforms and external websites is also a good idea. While training employees to be vigilant for security breaches, make sure you offer an environment where employees are comfortable with promptly reporting security breaches. In such an event, timely reporting is crucial.

Some other tips for enhancing security in remote work environments are to:

  • Require strong passwords and different passwords for each platform, on a regular expiration cycle.
  • Implement and mandate multi-factor authentication for both on-site and remote access to corporate resources.
  • Regularly and automatically update anti-virus and anti-malware software on remote workers’ devices.
  • Use encryption to send important files via email. Another option is to mandate remote device encryption. When encrypted, the drive forms an impenetrable shield of protection against hacking, but unlocked, it works as an ordinary electronic communication, according to Keap, an Arizona-based customer relationship management (CRM) software provider.
Next Post