Take the Free Remote Working Security Course and Quiz
Remote work is whenever you’re traveling far from the office… right?
Whenever you work from outside the office it will normally be considered remote work. From an information security standpoint, however, what also matters is whether you are connected to the company network or not.
So, if you’re enjoying the sun on a bench outside the office, or perhaps in a coffeeshop downstairs, you may still be able to connect to the company network.
The two things to consider are:
- Am I connected to the company network?
- Am I physically outside the workplace?
You may also be in a situation where you are physically inside the office but are not connected to the company network. In this situation, you could be considered to be working remotely.
Why does remote work pose a security risk?
So, you’ve got your remote working setup all ready to go. Can’t you just get started right away?
When you’re working remotely, your devices, data and network activity won’t be protected physically by the workplace or by the security of the company’s internal network. Without the proper precautions, remote work can lead to unauthorised access to:
- Company devices. While theft of a device will obviously cause a monetary loss, a criminal accessing company data or the company network through the device could lead to far more serious financial and reputational damage.
- Company data. A breach of sensitive or confidential data could prove highly damaging to your organisation. Protecting customer data is also essential to maintain the trust of consumers, and unauthorised exposure could lead to regulatory fines for your organisation.
- Company network. An infiltration of the company network could let a criminal access a large quantity of company data and penetrate further into the network to cause more damage.
How remote working could lead to unauthorised access?
While leaving your laptop behind in a coffeeshop is an obvious way for company assets to be compromised when working remotely, there are many other methods that a criminal could gain unauthorised access.
Unauthorised access could be caused by:
- Theft or picking up devices that have been accidentally left behind
- Accessing devices while they are left unattended
- Intercepting data on an insecure network
- Viewing of confidential information from an unprotected screen – known as ‘shoulder surfing’
How you can protect devices and data from unauthorised access
Here are some simple tips for protecting your devices and data when working remotely:
- Never leave devices unattended in public places. Even if you log out, a criminal could plug in a removable device and steal data or install malware within seconds.
- Avoid viewing sensitive data in public places. If you must do so, take care to protect your screen to prevent unauthorised viewing, and inquire your IT support team about screen viewing angle protectors.
- Avoid using public Wi-Fi networks. While they are convenient as you can now find them almost anywhere, they may be poorly secured and allow a criminal to intercept any data you send across or receive on the network.
But I have to get some work done and there’s only public Wi-Fi available…
While it’s best to avoid doing any work on public Wi-Fi when possible, if you must use a public network you can still do so securely by taking a few precautions.
When using public Wi-Fi, you should:
- Use a VPN if one has been provided for you by your IT support team.
- Use tethered internet from your mobile phone, rather than the public Wi-Fi network, if possible.
- Avoid connecting to any sensitive or confidential data when possible, or signing in to your online banking.
- Ensure that every site you visit has the lock icon in the URL bar at the top of the browser window. This shows that your connection with the site has not been compromised.
Working remotely from home
So, you’re not using public Wi-Fi and don’t have to be worried about unauthorised access to devices as you’re working from home. Is there anything you need to do to ensure you are working securely?
When working from home, it is still essential that you:
- Keep your home network secure. You should ensure your Wi-Fi router is up-to-date with the latest firmware, as this helps stop attackers from breaching your network.
- Protect your network with a strong password. It’s essential that you change any default password on your home network, as otherwise it will provide an easy entry point for a criminal.
- Download and install the software updates to your devices. Any time new updates are available on your device, you should download and install them immediately as they could contain fixes to security vulnerabilities.
If you are working from your own device, ensure it has up-to-date antivirus. Antivirus programs stop computer viruses from taking over your device.
If the worst happens…
- You’ve just stepped on to your flight and you realise your company laptop is not in your backpack. What should you do?
- Always report any lost devices, unauthorised access or other incidents to your IT support team as soon as possible. This will let them revoke access to the device and do any other damage mitigation that may be relevant.
- Even if you think you may know where you’ve left the device and don’t have a reason to believe it has been accessed in an unauthorised manner, you should still let your IT team know as they can easily revoke access from the device as a precaution.
Ok, so now you know the basics about Remote Working security. Time to put your knowledge to the test with our short Remote Working Security quiz. Good Luck!