Top 4 Security Considerations When Working from Home

Working from home has become an increasingly popular option for the modern workforce in almost every industry. With more and more businesses transitioning to remote work it is important to understand the security implications of making such a transition. 

Typical workplace environments are comprised of a suite of unseen tools and equipment that are designed to keep end-users safe from all the dangers that exist on the internet. In most cases an end-user will not even be aware that there is an entire security infrastructure protecting their day to day operations. Since a remote worker doesn’t normally see the behind the scenes work that is put in place to protect them, they will often not even realize how different their home network is from a company managed network connection.

Here are a few key principals to follow that will help to keep company data users safe while working outside of the office.

1. Use a company provided VPN (Virtual Private Network) 

One of the primary concerns that an end-user should be aware of is the prevalence of dangers that exist on the internet. In a normal enterprise work environment, there are layers of protection in place to help keep users safe. These layers may exist in the form of Anti-Virus software, Content Filtering, and Firewall rules. It is essentially a three-pronged approach that can prevent the user’s computer from getting an infection. When using a home network, there will be no advanced firewall protection or content filtering to minimize a computer’s exposure. Due to this, it is extremely important to setup work from home users to utilize a VPN when connecting to resources outside the office. By utilizing a VPN, a company can control the data stream that a computer is utilizing and allow the firewall, content filters and other built in protections to do their part in continuing to protect a remote worker. 

2. Use a high-quality anti-virus product

When working from home, it’s best to use a device that is provided by the company. This can ensure that required security measures are in place to monitor and protect that PC even when it is outside of the office. In some cases, it’s not always possible to provide a computer that the user can take home. When this occurs, a person may be asked to utilize a personal device to login to the network. Whether using a personal device or a company provided device, it is important to make sure that the computer is equipped with an anti-virus product that will help to detect malicious programs and prevent infection. Built-in protections can be useful, but a reputable enterprise level tool is recommended. The reason for this, is because a higher end tool will provide remote reporting and check-ins so that the IT team is able to detect and mitigate infections in a timely manner. This makes potential infections a lot less impactful when they can be detected sooner 

3. Utilize network storage

Another risk factor to consider when having users work from home is that the device is not physically under the control and protection of the company. This opens up a wider possibility of theft or loss. If a user is saving their important documents to their local hard drive and the computer goes missing, the data will not be recoverable. This can cause delays or affect currently pending business. To avoid this, it’s always best to utilize provided network drives and cloud storage options. Depending on the environment, a company should be able to provide either an accessible network location or a cloud storage platform that can be utilized for offsite file retention. This is a great way to ensure data integrity and prevent inadvertent loss of files.

4. Enable local disk encryption

Going hand-in-hand with the best practice of not saving data to local workstations, it’s always important to ensure that local hard drives are encrypted at rest. Though we know that a user shouldn’t save files locally, there are some things that will inevitably end up stored on the hard drive. They may not always be important files, but sensitive information may still exist. In this regard, it is important to provide a solution for encrypting the hard drive. This will ensure that in the event of computer theft or loss, a criminal will not be able to read data and extract proprietary business information or passwords. Disk encryption is a must in any modern business office

There are some important precautions that should be taken when encrypting a user hard drive. When encryption is performed, the IT staff should retain a copy of the decryption keys. This allows IT to recover information from the system in the event of damage or failure. Without these decryption keys, data on a damaged system may not ever be recovered. For this reason, it is not advisable to simply ask all end-users to encrypt their hard drives on their own. This practice should be carried out in a documented and methodical manner. If disk encryption is enabled and deployed properly, it will add a significant layer of protection to the business as a whole.

These practices are not all inclusive, but they are a subset of things to consider when inspecting the data protection policies for any business. It’s generally recommended to partner with a business advisor or technology company that you can trust to help ensure that there are policies and procedures in place to meet common standards. The needs of all companies vary, it’s important to make sure your company is protected, even when the employees aren’t working in the office.