INTRODUCTION: WHY SECURE YOURSELF WHEN WORKING REMOTELY?

There are many benefits to working remotely, including less time spent commuting, less office distractions, and lower possibility of catching a serious infection. That said, when you work remotely, whether from home or a location across the globe, YOU are the sole responsible party for ensuring the security of your person, your devices, and any information you carry.

You can’t rely on the high level of security implemented at the office, so you need to prepare well for working remotely. If you don’t, you risk becoming an easy target for thieves, pick-pockets, unscrupulous competitors, and other criminals who will readily steal personal or company data that is badly – if at all – secured. Good preparation, however, can significantly reduce your risks and make your remote work experience a lot more comfortable and productive.

WHAT SECURITY RISKS DO YOU FACE WORKING REMOTELY?

Many factors can compromise the security of remote workers and the company data they use daily. For the purposes of this course, we have grouped these risks into four major categories: physical theft or loss, lack of personal awareness, unsecured public connectivity, and unrestricted company access.

Physical Theft or Loss

Working in a physical office environment provides many advantages, including implemented security systems and personnel, digital data security mechanisms, established security practices, and dedicated security officers.

When your workplace moves to a different location – a home office, coffee shop, or any other public space – there are no security measures you can fall back on. This makes your work devices an easy target for many people, from the basic thief who will sell your computer at the first opportunity, to the hacker who will happily get through your limited firewall, to the corporate thief who is out to steal any company info your competitors will benefit from.

Lack of Personal Awareness

In many cases, working remotely brings less distractions, and the organized employee can do more deep work when away from the office environment. However, without the habit of constant vigilance, a remote worker may not even notice that they are being watched/followed, phished/tracked, or otherwise attacked.

Moreover, many remote employees fall into the habit of accessing company data from unsecured personal or public devices, or worse – allowing third parties to browse the web from a company issued device. Unfortunately, either practice can easily compromise the security and data of any organization.

Unrestricted Company Access

Many companies give their remote workers the same privileges and access as they would have in a safe office environment. This includes full access to company networks, cloud storage, internal systems, etc. However, if a worker isn’t diligent and lacks the necessary security knowledge or commitment, such privileges can give an attacker full access to company data.

Moreover, many remote employees fall into the habit of accessing company data from unsecured personal or public devices, or worse – allowing third parties to browse the web from a company issued device. Unfortunately, either practice can easily compromise the security and data of any organization.

Unsecured Public Connection

How many times have you used a public Wi-Fi network when traveling, such as at the airport or a hotel room? The majority of these networks lack any security, which means that using one for your corporate needs exposes your device and data to potential hacking.

The threat is real because most public networks aren’t encrypted and don’t require authentication to establish a connection. Such a network, even if it is one you set up at home, can easily grant hackers access to all of the information you are sending on the Internet, from confidential emails, to your company’s security credentials, and even credit card details.

WHAT CAN YOU DO TO PROTECT YOURSELF AND YOUR COMPANY WHEN WORKING REMOTELY?

Fortunately, anyone can secure their remote office. It takes vigilance, building some habits, and staying aware of necessary security procedures.

Follow these 7 steps.

STEP 1 – Prepare yourself and your materials.

When you need to work away from the office, whether you’re traveling or simply working from home, make sure that you are well prepared to perform your tasks efficiently. The IT support desk should give you adequate, secure access to company files and systems that you will need to be productive.

Before you leave, pack your computer, power adapter, and any documents you will need in your line of work – but don’t overdo it. Unless absolutely necessary, customer confidential data, sensitive business plans, protected information, and proprietary data is best left at the office. This precaution will reduce the number of things you must keep secure, and if your device is stolen or lost, will minimize the risk to your company.

STEP 2 – Keep your devices up to date and secure.

To secure your devices, you have to make sure all installed software, including the operating system, is up-to-date. Keep in mind that no operating system is completely unbreachable. Security vulnerabilities are discovered all the time and can affect any version of your software. However, the risk is much higher when the operating system is older and unsupported. It’s wise then to make sure your personal and company devices always run on a supported OS version, ideally, the latest possible release.

Most security vulnerabilities take over two months to resolve. Imagine what can happen to a system if it’s exposed to threats for that period of time! To eliminate further delays in updating your device with the latest security patches, it’s best to turn on the automatic updates option and allow your system to download and apply updates as soon as they are available.

Once your system is secured with regular updates, it’s time to turn your attention to all the other programs that run on it. This includes your office or creative suite, your browser, and any other software that can present a vulnerability. Luckily, modern-day software checks for updates automatically, so all you need to do is make sure downloaded updates are applied in a timely fashion.

STEP 4 – Be aware of your physical surroundings.

Your physical surroundings are so important, neglecting them can compromise the security of your person, your device, and your company data. This is especially true when working remotely, even if you’re working from home. To ensure the safety of your environment, always close and lock your doors.

Stay vigilant of activities occurring around you, and never leave any device or thumb drive unattended in public places. In the time it takes you to use the restroom, your device could be stolen or compromised with malware. Loss of your device and information stored on it can not only cause stress and disrupt your work process but result in fines for you and your company.

STEP 5 – Watch your back.

When working from a public location, pay attention to your sight lines. If possible, sit with your back to a wall so no one can look into your screen from behind (also known as shoulder surfing). Another option is installing a privacy filter app, which doesn’t allow anyone looking at your screen at an angle to snoop for information they’re not meant to see.

Stay vigilant of activities occurring around you, and never leave any device or thumb drive unattended in public places. In the time it takes you to use the restroom, your device could be stolen or compromised with malware. Loss of your device and information stored on it can not only cause stress and disrupt your work process but result in fines for you and your company.

STEP 5 – Protect confidential information.

When working away from the office, it’s particularly important to protect any confidential or personal information that you use, carry, and store. In a public setting, many people could have malicious intent, including thieves and competitors, and in case of loss or theft, your company may be held liable for disclosing protected information.

Keep in mind that public computers aren’t safe and should never be used when personal or confidential data is involved. You don’t know if malicious software hasn’t been previously installed on a public machine, so avoid entering login credentials, bank account information, social security numbers, or any other confidential information. If you must use a public computer, make sure you use “private browsing,” do not check any “save” or “remember” boxes, clear your browsing history, and delete all downloads before closing the browser.

STEP 6 – Never leave work computers in your car, hotel room, or other insecure location.

To avoid theft of your work devices, and hence sensitive personal or corporate data, always keep them on your person when you’re working remotely. Don’t leave them in your car, not even in the trunk. Hotel rooms aren’t safe either, as personnel can access them at any time.

STEP 7 – Encrypt sensitive information in email and on your devices.

No information sent via email is secure unless you make certain to encrypt it first. Encryption is a process that encodes the information in a way that makes it difficult to decipher by unauthorized parties. If you need to send sensitive data over email, make sure you encrypt it first.

As a precaution, you should always encrypt all of your stored data, so that if your device is lost or stolen, no one could gain access to the stored information without knowing your password or pin.

USE YOUR BEST JUDGEMENT!

Whenever you work away from the office, whether you are at home, in a hotel room, airport, café, or anywhere else, you are in more potential danger than working on corporate premises. Therefore, it’s in your – and your company’s – best interest that you always use your best judgment.

If you are ever unsure as a a pop-up message, warning, or the legitimacy of an email, STOP, call us- we are happy to help.

And remember, you are an important security link!