Remote Work Security Tips and Best Practices
If you’re anything like us, you love the idea of allowing your employees to work from home or offering a hybrid arrangement (working from home and the office). Making this decision can be a big step for any business owner but can make sense if you don’t need to have employees present (like we do in our branches). Security is a top concern whether you already have a work-from-home policy or are creating one. To help make sure telecommuting works for everyone, we asked Angela Anderson, Coastal’s SVP Information Security Officer, for remote work security tips to keep your business and employees safe.
Angela advises that whether an employee is working in the office or remotely, the employer should approach security similarly as if they were in the office. The employee should already have some of the security frameworks in place, such as:
- Set computer screens to automatically lock after 15 minutes and train employees to lock their screens when leaving the workstation.
- Set strong password requirements and consider implementing multi-factor authentication.
- Work with professionals to build your network security through firewalls, malware detection, backups, patching, etc.
- Implement company-wide training that details information security, phishing emails, creating and using passwords, etc.
- At Coastal, we administer enough access only to employees to be able to complete their assigned job duties. We also limit the days and times employees can access the network. If any additional access is needed, their manager needs to request it.
- Coastal employees can NOT take any documents home, nor can they print from home.
- Read more Fraud Prevention Tips from our blog in March: https://www.coastalbank.com/resource/fraud-prevention-tips-businesses/.
Angela also provided suggestions employers should consider for new remote employees:
- Will you, the employer, provide laptops or other devices?
- If so, will the devices be fully encrypted?
- Can you remotely wipe or clear the provided device or the employee-owned device?
- Additionally, devices should be secured or in the employee’s possession at all times.
- Ensure up-to-date security is installed and active on devices, whether it’s employee-owned or employer-owned.
- Angela recommends using patch management, which provides automatic updates to employer-owned devices to ensure all systems are running optimally if you don’t have a system to do this.
- Employers should have a written company work from home policy that each employee signs.
- Will employees be able to print from home?
- If yes, how will you ensure those documents are secure or safeguarded in the same manner as if the employee were in the office?
When employees work from home or hybrid, it can be a great way to save on office space, allow for more flexibility with hours, and can be a great way to boost morale and productivity. To read more advice on remote work security and download material, like how to set up your employee security training, visit the Federal Trade Commission (FTC) Guide for your Business.