Cybersecurity for a Remote Working World
Your new remote workforce policies and procedures should also cover home network security. This is an excellent opportunity to enhance employee knowledge, increase security awareness, get employee buy-in by helping them protect their home network and add further protection for remote work.
Make sure that employees can:
- Change default ISP router passwords
- Ensure ISP/home router firewalls are active
- Get company-offered free or low-cost home network monitoring solutions
- Recognize signs of home network attack
- Understand and agree to employee privacy and consent stipulations for personal device use
During this period of remote work, most organizations have required employees to use virtual private networks (VPNs) for network security. A full-tunnel VPN routes all traffic from the employee’s computer through the corporate network for security scanning before sending it on to its destination.
Because of the sudden need to transition to remote work, many companies lack sufficient numbers of company-managed laptops to support a fully remote workforce. As a result, many employees are working from personal devices instead.
This dual use of devices creates significant privacy concerns if all traffic from an employee-owned laptop is routed through the corporate VPN. A telework policy must contain an explicit “consent to monitor” clause explaining that traffic resulting from personal use of a laptop connected to a corporate VPN flows through the organization’s network and may be monitored. Failure to receive explicit consent from employees may put an organization in breach of data privacy laws.
How to spot a phish!
It’s more important than ever to stay vigilant and watch for nefarious activity. To protect your employees and your organization from the increased phishing scams during COVID-19 and beyond, organizations should be train and communicate with remote
