Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cloud
    • Cybersecurity
    • Mobile
    • Networking

    Five Ways to Ensure WFH Employees Keep Company Data Secure

    By
    CHRIS PREIMESBERGER
    -
    July 29, 2020
    Share
    Facebook
    Twitter
    Linkedin
      Woman.working.from.home

      The COVID-19 pandemic reshaped our workplaces in the blink of an eye, with social distancing mandating many employees to take their work home with them. This quick shift forced IT teams to cobble together work-from-home policies aimed at securing business’ data and devices regardless of location, while still enabling employees to maintain productivity. Particularly for those new to any employees working remotely, this has been no easy task.

      But effective policies aren’t just essential for navigating businesses through this current predicament. Many expect they’ll remain crucial to data security and productivity as distributed offices likely represent a new normal in the future. 

      As a longtime data and device encryption provider, Beachhead Solutions has seen firsthand how businesses get into trouble without a thorough security strategy. In this eWEEK Data Points article, VP Cam Roberson of Beachhead Solutions uses industry information he’s gathered to highlight five ways to put data security policies in place for the long-term WFH era. 

      Data Point No. 1: Ramp up employee training to teach workers self-defense in an environment that’s dangerous to data.

      It remains unfortunate but accurate that employee behavior is the single greatest threat to a business’ data security. Whereas infiltrating systems through software exploits or similar avenues requires technological ingenuity to bypass security measures, the successful exploitation of an employee means they’ll simply (and usually unwittingly) prop open the door.

      That’s not to say attacks targeting employees aren’t clever; phishing techniques have become quite sophisticated and difficult to detect. Even more dangerous are spearphishing attacks that leverage detailed information to more effectively target specific individuals. For example, an employee might receive what appears to be an email from his/her boss, directing them to divulge login credentials, or to refund a customer charge by wiring money. These attacks succeed often enough under normal circumstances. But they’re that much more potent under the current work-from-home conditions, where tricks can’t be sorted out with a simple desk-side conversation in the shared office.

      Data Point No. 2: Beware the family.

      Another risk area arises from computer sharing, where an employee will allow family members (often children) to use their business devices with credentials entered. This practice exponentially increases the risks to data and systems accessible from the device. Unfortunately, untrained employees with work devices in the home and kids to entertain find this high-risk convenience all too tempting. It’s also interesting to remember that criminal attackers are also more likely working from home, giving them experiences to draw from in refining their tactics and exploiting the specific vulnerabilities of work-from-home employees.

      To counter these increased risks, organizations must implement more intensive employee training regimens–as well as more secure policies that disallow a single employee from unilaterally putting data or company funds in jeopardy. Available training management tools can be used to train and certify employees in recognizing phishing attacks. Some training solutions will even send employees benign spear-phishing emails to test their behavior in realistic scenarios. This focused training will make employees better caretakers of sensitive data, equipping them to weather the current influx of COVID-19 email scams. 

      Data Point No. 3: Utilize a VPN and other security tools to provide access that’s both seamless and secure.

      The most common hesitation organizations have implementing a distributed office environment is concern over how to protect devices at large from becoming compromised (and thus opening them up to data breaches). However, safeguards to establish secure work-from-home environments are readily available. 

      First of all, businesses should introduce a VPN as part of its remote work policies to ensure that communications within the distributed office are secure. At the same time, be aware that recent infamous VPN software vulnerabilities have increased the risk of compromise. Make sure that your VPN of choice is fully up to date. Also verify that all employee-used remote work devices have the most recent security patches, and that anti-virus software is present and turned on.

      Data Point No. 4: Harden systems by streamlining software down to what employees need, and nothing else.

      Each piece of software running on an employee-used device carries a degree of risk. Applications that aren’t accessed frequently and don’t contribute to productivity should be removed to limit the attack surface to only the tools actually needed. Applications should also be kept up-to-date to ensure they have the latest security fixes.

      Data Point No. 5: Protect data with encryption, remote access controls and remote deletion capabilities.

      Data on employee-used devices – especially sensitive company data – must be protected by encryption that can immediately render it inaccessible to anyone without the proper credentials. That said, there are scenarios where encryption still isn’t enough to guarantee data security (employees sharing company computers with family members comes to mind). If a device is lost or stolen from a remote employee during an active session, or login credentials are compromised, then data may be as well. Organizations should have data encryption and access control tools–SimplySecure being one of them–in place. This strategy will ensure data security by remotely deleting data from devices if necessary.

      Guided by these methods, businesses can make smoother transitions to running efficient distributed offices – where employees can work from home productively while keeping company data secure. Given that the return to the office may not come soon – and offices may in fact never be the same again – these security strategies and policies will set up a remote workforce for the long term.

      Photo by Daria Shevtsova, Pexels

      If you have a suggestion for an eWEEK Data Points article, email [email protected].

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×