A recent article in pcmag.com reminded small businesses of the steps to take to ensure security for the company and its employees when working remotely. At Waytek, we often like to remind our Managed Services customers of the measures they, too should take in dealing with both employees in the office and those working remotely. While we work on ensuring that these customers are updated with the latest security and backups, it is always wise to follow certain guidelines, as outlined, also in the pcmag.com article.
The first step is for the company to protect the Endpoint. If an employee’s laptop, phone, saved contacts, etc. are lost or stolen, sensitive data, such as employee or client information, can be exposed. Full disk encryption is essential for all computers used by employees. If the employee uses his/her own device for work, it is essential that the device be encrypted. Encrypting computers makes it difficult for a thief or hacker to retrieve data.
Setting up passwords to lock down the BIOS is the next step of protection. (A BIOS is a security precaution that requires a computer user to log into the machine’s basic input/output system before a computer will boot up.) This means that a thief cannot just boot off a USB stick or CD and obtain access to your hard drive.
When an employee is working remotely, it is important that he/she should still keep up to date with regular software updates and patching. All devices used by employees should be set up to automatically download and install patches as they become available. This means that employees must either connect to the corporate network on a regular basis or be tied to a Managed Service provider who tests each patch prior to updating their machines. At Waytek, we do this for our Managed Service customers. We test updates and set up security alerts if a user isn’t updated or hasn’t changed their password in accordance with the policy.
Your Managed Service provider should create user level accounts for employees and restrict what you are allowing them to do. Also, they should set up a VPN server, so that employees are connected remotely over a trusted system. Don’t forget to make sure that employees’ mobile devices are also protected. All devices should have a lock, not just a screen swipe, but a passcode or pattern.
Training Your Employees:
Make sure your employees are educated on using strong passwords for all accounts, hardware and services. Look into two-factor authentification, if that is possible. Make sure passwords are frequently changed. A Password Manager can do this for you, and a Managed Services provider can assist with all password related issues.
Be sure that you educate your employees on phishing, so that they can see the warning signs of phishing email and prevent opening unwanted emails. Create policies for employees regarding file sharing and collaboration via the Web. Also, remind your employees to steer clear of public wireless hotspots!
More and more employees are working remotely, saving time and money for companies. This makes it more difficult, however, for the SMB to ensure that employee and company information is protected. We have seen great success on the part of SMBs, but also the disaster of an employee opening the company to a horrible bug or virus. Make sure that all data is backed up on a regular basis, both in-house and remotely. The last thing an employer needs is for an employee to inadvertently download malware that can permeate through the whole company.
These are great tips for staying safe in the new year. Contact us with any questions on securing your data and keeping your technology safe.