There are many reasons to allow your employees to work remotely, or telecommute from the location of their choice. It can bring cost savings to your employee, as they won’t be spending hours in the car going to and from work each day. It can allow you to reduce office size. It can create happier, more productive employees as they can work from home, and realize the benefits of being in a less stressful environment. It can also allow you, the employer, the chance to expand your search area and find even more qualified people to do the job at hand. If they don’t have to come into the office everyday, the world is your search potential.
When your employees work from one location – the office – its easier to reduce risks and keep everyone safe from threats that can harm your corporate systems. When employees spread out, sometimes around the world, new threats materialize right before your eyes. How will you keep your company data out of the hands of hackers, electronic eavesdroppers, or even shoulder surfers as they watch your employee enter passwords when they work from a local coffee shop?
It’s a matter of creating a strong system to protect your data, and ensuring your employees are on board with the safety techniques that go along with keeping company data out of the hands of people that shouldn’t have access.
The first step in a remote employee safety plan is to determine what type of access is needed. This is not a one-size-fits-all philosophy. Not every employee needs similar access; it should be on a case by case basis.
- What system and data do employees need?
- How sensitive is this material?
- Do they need administrator privileges?
- Do they need to share files with other team members?
- Is the data confidential?
There are, or course, many ways to look at each question, even when dealing with just one employee. From a security perspective, always approach each decision with these in mind:
- What would happen if an intruder gained the same access as the employee?
- What would happen if an intruder gained access to an employee’s account, and pushed to gain access to more data?
If a hacker makes it in to a certain level, chances are he will use his entrance and push the limits. Which means its important to create restrictions around every level of security you have.
Access should always be on a limited or need-to-know basis. If an employee doesn’t need access to something, it should be blocked from view.
You should also use a secure gateway, or firewall, to block or filter access between the various networks you use on a company wide basis. For some, using company email and having access to the Internet may be all they need. For others, they may need access to internal resources, such as local area network (LAN) applications, mainframe applications, or client software.
The more you have, the more access granted to outside terminals, the more complex a system may have to be. In which case a series of gateways may be in order to divide internal resources based on the needs of the remote employees. High risk organizational data may be separated by a gateway from systems with lower level risk documentation, with access granted on an individual basis.
You can also increase security by reviewing your password policies. “Password” is not a great password, and yet it consistently makes the top ten list of passwords used. Randomly created passwords are always better than allowing an individual to create their own. And the longer a password is, the harder it is to break; we recommend 12 characters in length or more. You may even choose to incorporate a password that expires every few months for a step up in security.
With the current trend towards cloud infrastructure, every employee becomes a remote employee from a systems perspective. This puts even more emphasis on addressing security around remote access strategies.
In addition, as mobile applications continue to grow, remote employees will become the new norm. Whether its traveling for business, or working from home, when employees need access to your systems, only the best safety precautions will continue to keep you safe year after year. Don’t put your data at risk; make sure your systems are safe.