3 Critical CyberSecurity Policies for Remote Workers
A year ago this month, the pandemic was exploding around the world, sending everyone home with one hope – Things would “return to normal” …
But here we are (more than a year later). More people than ever are working from home and businesses (who formerly had little to no digital presence) have been forced into the cloud.
Here’s the thing…Remote workers pose a hefty security risk for small and medium businesses who lack large security budgets and in many cases, don’t have a security team or CISO…And almost none of these businesses have any sort of security policy in place!
A recent article published by Forbes recommends a few critical policies be enforced by employers with remote workers…
- Employees should be trained in basic security measures (repeatedly) – And, those measures must be enforced. As time goes on, we’re learning how hackers target the vulnerable entry points…so even if you have a CISO, he’s probably not the cybercriminal’s target. Instead, hackers are looking at your admin person, your salespeople, your service providers – who know next to nothing about phishing scams, ransomware attacks, and malware.
- All systems in use should have antivirus software, VPN, and anti-malware software installed. “Remote workforce” complicates things because employees are using their own devices. Cybersecurity experts strongly recommend carefully written and well enforced remote access policies. You have no idea what else is going on in your employee’s home (Think, teenagers, video games, dark web sites, poorly maintained computers…)
- Strong passwords (And two/multi – factor authentication; 2FA or MFA) should be in use and regularly updated. Access Control must be a training focus for all companies today – the average remote worker is using the same insecure passwords across work and personal accounts. Equip and train your people on the use of Password Vaults!
Implementing basic security measures like these can be time consuming and inconvenient but can also be the difference between a thriving business and a sinking ship.
Most small and medium businesses won’t survive a cyberattack, and remote work invites hackers. Your risk is up, while your ability to respond is down.
Now is a great time to take offensive action.
P.S. Have you seen our 9 Questions for determining your company’s vulnerability to a Cyber Attack?