5 Essential Cybersecurity Best Practices to Follow as a Remote Employee
According to one source, 86 percent of C-level executives believe that the risk of a data breach is higher when employees work remotely. In addition to this, CybSafe reported that one-third of UK businesses have suffered a data breach in the past 12 months because of remote work.
For many workers, the ability to work remotely is very appealing. Unfortunately, it can be difficult to get management on board. One of the reasons that many companies limit or even ban remote work altogether is the fear of data breaches. In fact, according to Shred-it, 86 percent of C-level executives believe that the risk of a data breach is higher when employees work remotely. In addition to this, CybSafe reported that one-third of UK businesses have suffered a data breach in the past 12 months because of remote work.
The numbers are staggering. To successfully negotiate a remote work agreement, you will need to appeal to the security factor of remote work. And those who already enjoy the benefits of remote work must take action to protect the data they access while outside of their company’s ‘four walls’. They can begin by following these five tips.
1. Maintain physical control of your devices at all times
Many security breaches happen simply because workers lose their devices to thieves. In airports alone, a laptop is stolen every 53 seconds. The vast majority of these are never returned. It’s imperative for workers to understand that cybercriminals are opportunists, and will watch for unattended devices. To protect your gadgets, used to access work data, you should:
- Keep devices on yourself or securely stored at all times.
- Turn on the ‘Find my Device’ option.
- Use the most secure method available to lock screens.
- Consider data encryption solutions.
2. Exercise caution when using public computers or Wi-Fi
It’s tempting to use public Wi-Fi or even pop onto public computers in hotel lobbies or anywhere else to just to get some quick work done. However, this can be very risky, according to Safe Guarde. If you must, there are some precautions to take:
- Don’t access any sensitive information from public computers.
- Sit so that your screen is obscured, ideally with your back facing a wall.
- Before you leave, log out of everything.
- Uncheck any options to remember your login information.
- Manually delete any documents you’ve downloaded.
- Use private browsing if it’s available.
- Restart the device before you leave to clear out any temporary files or settings.
3. Enable email encryption
Anyone whose work involves sending sensitive data by email should implement and use an email encryption solution each and every time they send an email. Most email is sent in plain text form, across networks, completely unencrypted. This means that anyone spying on a network can read that information easily. Email encryption obscures that information as it’s sent, leaving it up to the recipient to decrypt the information at their end.
4. Be wary of inserting any unvetted USBs
Workers may receive USB devices from a variety of sources. No matter where they come from, all USB devices should be treated as if they may contain malware. This includes devices you receive at business-related functions, even from the store. Don’t plug any USB device into any computer that is used to access work-related data. Instead, have the information security team at your work double check it first. A USB device could host malware, a keystroke detector, even USB killer which is malware that fries devices with a burst of electricity.
Finally, don’t let people plug their devices into yours. This is true even if you know them, and even if they just want to use your device as a temporary charging station.
5. Report any issue to in-house IT staff immediately
Even with every possible protection in place, most people will eventually experience a security breach with one or more of their devices. The best way to mitigate the impact of this is to recognize the signs of a breach and report it to IT immediately so they can investigate and take any necessary steps. Remote workers should be aware of:
- A sudden increase in pop up ads and spam.
- A significant decrease in performance.
- Frequent error messages.
- A new homepage or default search engine.
- Anti-malware software indicating that a virus or malware is present.
Finally, it’s imperative that workers contact IT if they realize that someone may have gained unauthorized access via social engineering. This is a common method where someone posing as a support agent or other authority talks someone into providing access to their devices, usually using some sort of screen sharing software.
The fear of cybersecurity breaches is something that can prevent managers from approving remote work requests. By following the tips above, workers can successfully allay these concerns.