These days, many workplaces allow some amount of telecommuting: A 2012 survey from Reuters found that one in five workers telecommute frequently, communicating primarily through online software, email, and phone.
As an employer, providing the chance to work from home can help you when it comes to snow storms, school closings and even in recruiting great candidates. But if your company deals with secure data, how can you ensure that your out-of-sight employees won’t jeopardize your business’ security? Here are a few strategies to keep in mind.
Use a VPN. A virtual private network, or VPN, allows you to authenticate any user that accesses secure data from a remote location. The VPN uses software installed on the user’s computer to connect to the central database, and relies on a PIN number to ensure that unknown individuals don’t access the remote server without permission.
Protect your employees’ devices. On their own, employees may not make the effort to install security software and upgrading their software versions on a regular basis. If they plan to telecommute, ask them to bring in their devices for inspection, so that you or your IT staff can install anti-malware software, check password strength, and take any other measures necessary to prevent hackers from gaining access to the device.
Create a secure BYOD policy. Many of your employees are likely to have their own smartphones, tablets, and laptop computers—and, as a result, they’re likely to do at least some of their work on their own devices instead of on your company’s equipment, so it’s essential to make sure that they understand what they can and can’t do with company data. Review your existing security policies, and add any measures that might apply to mobile devices and other devices employees commonly use. If certain types of devices cannot be made secure, ban their use for work-related purposes.
Use cloud-based apps when possible. If you’re not fully confident in your own ability to protect data, it can be helpful to pass that responsibility on to cloud-based data storage solutions that are known for excellent security protocols. In this case, it’s even more essential that your employees are using strong passwords; if the app offers two-step authentication it will help make the log-in process even more secure.
Train employees on how to securely use their devices. Your employees may not be aware of the security risks that their online behaviors can pose, whether they’re using their own devices or a work device in an unsecured environment. Create a comprehensive policy that trains them on how to avoid security nightmares by downloading only approved file types; using secure wireless connections; and encrypting data before sending it. It’s important to ensure that employees’ friends and family members never have access to work equipment. Create a set of penalties based on the type of violation, and discuss your policies with employees in a training session.
If necessary, bring in a consultant for help securing your network. If no one on your team has a solid understanding of how network security works and what must be done to protect it, it’s important to seek advice from someone who does. Invest in a consulting session with an IT security consultant. The session may be expensive, but it’s likely to be much cheaper than the cost to your business of a damaging security breach.