Three Remote Working Habits to Implement Today
With organizations increasingly supporting remote workers, heavy-duty home offices are becoming more commonplace. Whether you work from home occasionally, regularly, or on an everyday basis, it’s likely you’ve adopted a number of habits that help you to work as efficiently and effectively from your home as you would at an on-site location. But have you adopted good cybersecurity practices as well?
The simple fact is that your infosec team works hard to protect all organizational data and systems — and your personal information is included in that mix. With an ever-expanding mobile workforce, the challenges are real. Your involvement is critical to ensuring that the data that belongs to all the people your organization serves — including you, your coworkers, and your customers — stays as secure as possible.
Following are a few key tips to keep in mind whenever you work on company projects and connect to corporate systems from your home office.
Tip #1: Secure Your Workspace
It’s important not to be lulled by a false sense of security simply because you are working in an area that feels comfortable and safe. Remember the following advice — and take corrective action to fix any vulnerabilities in your home office security:
Protect Your WiFi Network
If your home wireless network does not have technical safeguards and a strong password in place, it is as defenseless as any free WiFi hotspot. Should your home network be compromised in some way, the corporate devices you connect to it could also be vulnerable to compromise.
Not sure if you’ve taken the proper precautions? We’ve outlined the simple steps you can take to bring your WiFi security settings up to snuff in an easy-to-follow blog post.
Ramp up Physical Security
If you are like many remote workers, you have family, friends, and service providers in your home on a regular basis — and none of those individuals are authorized to access sensitive or confidential information about your work. As such, you need to take control of your personal space and your devices. Even at home, computers and paper files should be locked and secured when not in use.
Taking your work on the road? Check out our tips for improving mobile device security.
Tip #2: Set – and Maintain – Boundaries Between Work and Personal Data
There has been no shortage of discussions related to the dangers of blurring the lines between personal and corporate communications, but the security ramifications really aren’t up for debate.
As a general rule, corporate data should not be transferred to your personal devices. Every time sensitive data is co-located, the risk to that data is compounded — and you will share a large part of the burden if you happen to move data outside of a corporate audit trail and it’s later found to have been compromised. In a similar vein, you should be cautious about placing your personal data on corporate devices; doing so puts your data outside of your jurisdiction, which means it could be accessed by others without your knowledge.
Here are a few more pieces of advice:
Restrict Access to Your Corporate Devices and Systems
Your corporate-issued devices are intended for your use. Period. Never share your passwords, and do not lend your laptop or corporate smartphone to anyone (not even a coworker) unless your IT team gives you consent to do so. In addition, family and friends should not be given access to your corporate devices to perform personal activities (like checking email, posting to social media, or playing games).
Prevent Eavesdropping and Shoulder Surfing
As noted above, your home office will probably visited by a number of people who shouldn’t know certain details about your work. Be cautious about discussing confidential matters on the phone when unauthorized individuals (including spouses and children) are within earshot. As well, make sure that sensitive information on screens, printouts, and notepads is not visible to others.
Watch What You Share on Social Media
Social media indiscretions are an issue with both on-site and remote employees, but if you work from home on a consistent basis, you can start to feel disconnected from your corporate culture. This can lead you to overshare on public forums — a risky practice.
Your employer is likely to take issue if you share too many details about your work life. There are legitimate dangers associated with making business itineraries, corporate information, and daily routines public on social media.
Tip #3: Use the Tools Your Employer Gives You
If your organization supports a lot of remote workers, it’s likely they have policies and procedures in place to guide you and help you stay as secure as possible. Be sure to familiarize yourself with — and follow — any rules that are outlined for you. Keep the following in mind as well:
Use a VPN When Transmitting Sensitive Data
Virtual private networks (VPNs) are commonly used by organizations that permit employees to work from home. If your company has one, use it to add an extra layer of security to sensitive communications. If you don’t have access to a VPN, be proactive. Ask your IT team for help in identifying, installing, and using a VPN on your laptop and/or mobile devices.
Keep Your Software and Plug-Ins Up to Date
Cybercriminals seek opportunities to exploit known vulnerabilities in software and plug-ins like Adobe Flash, Acrobat Reader, and Java. Your organization may push automatic updates to your PC and other corporate-issued devices, but at least some updates will be in your control (particularly on personal smartphones that you use to access corporate systems like email).
Don’t ignore update requests that come from your IT department or trusted developers; there are very real security implications related to out-of-date plug-ins, software, and applications. To learn more, check out this blog post. The advice you’ll find there will help you improve cybersecurity on all your devices, corporate and personal alike.