3 Policies for Your Remote Workers to Reduce the Risk of Security Hacks to Your Business

The advent of the Coronavirus has forced companies to allow their employees work remotely from home. Heimdal Security addresses three bad habits related to remote work that your remote workers may be making that endanger your organization:

In a recent study, OpenVPN reported that 90% of IT professionals believe remote workers are not secure. At the same time, over 70% think remote staff poses a greater risk than onsite employees. So, the good news is that experts are actually acknowledging the security risks of remote work and this is the first step towards addressing the issue.

Creating a work-from-home security policy

So, how do you protect your company’s private data when you can’t fully control the devices used to access your network? Where should you start to make sure your remote workforce is secure? How can you reduce the cyber security issues with remote work?

The first step is to create a security policy specifically designed for remote workers. 93% of the IT professional interviewed in the OpenVPN study already have a formalized remote work policy in place and this quite impressive and reassuring.

Below are the essential security clauses that should be included in your remote work policy:

Clearly define which positions are eligible for remote work.

Be transparent towards your employees. Everyone should be aware which job functions are allowed to work remotely are which are not due to security reasons. Unfortunately, not every position is a good fit for remote work. If you don’t have a clear guide in place, chances are your work-from-home approvals will be judged as unfair.

List the tools and platforms they should be using.

Both your remote and on-site employees should be on the same page at all times and use the same approved tools, such as cloud storage platforms, communication/video conferencing tools, project management tools, etc.

Provide employees with steps to follow at the first signs of account compromise.

Companies with ISO 27001 Information Security management systems should have all of these policies in place. One risk for companies to add to their risk assessments is Pandemic.

Is your company prepared for a Pandemic?

Email jim@cpisys for more information on risk assessments and ISO 27001 Information Security Management System