How to Protect Remote Employees' PCs from Security Threats
No matter the size of your business, technology has blurred the boundaries of the traditional work space location and has made remote working a reality for many employees.
The attitude toward employees working "away from the office" has changed dramatically. A lot of businesses are recognizing the productivity, cost savings and morale benefits to giving their employees more location flexibility. Unfortunately, a remote staff poses different risks from employees who spend the majority of their time in the office, and compromised data can end up costing business owners a lot more than they would be saving by allowing their employees to work remotely.
Security-conscious companies typically invest in protection at their gateway or entrance to their network. Usually it's an appliance or software, which provides not only firewall protection, but also web and e-mail filtering. This is can be the right decision for companies wanting to prevent threats before they can reach the internal networks, but for businesses with employees working remotely it can get a bit trickier. This is because once employees are outside of the company's network, they fall outside the gateway security perimeter and are on their own.
Here are some of the issues that can occur with employees working remotely--and what do to about them:
Less protection equals more vulnerability
Gateway security technologies are not able to provide protection if a computer is not connected to the network. Once out of the network (at a home, coffee shop or library), a computer is essentially relying on whatever software security installed on the PC to protect itself.
Solution: Be sure the employees' notebooks are updated with the most recent software updates. If there is no VPN (a private, secured network that will allow employees to connect to the office from anywhere) connection, then confirm that updates can download directly from the internet. Also, check whether your security solution includes a location-awareness feature. This feature will automatically increase security levels based on the location of the device. The better ones will automatically increase security levels when the PC is out off the office and away from the internal network.
Employees surfing the web
Unless the URL filtering solution is operating on each client PC, employees are free to connect to any website they want. Because more than 90 percent of threats now come from the web and more than half of all employees will view websites unrelated to their work during office hours, this is a concern both for security and productivity reasons.
Solution: When possible, connect the employee back to the office using the VPN. This will allow the PC to benefit from gateway security technologies. If VPN is not available, URL filtering on the employees' PC provides an added layer of security outside the office.
Carelessly connecting to wireless networks
Sometimes the urge to connect to the internet surpasses security concerns. A fake access point, also known as an "Evil Twin," is a rogue Wi-Fi access point that appears to be legitimate. However, it is actually set up by cybercriminals to eavesdrop on wireless communications.
Solution: You can avoid Evil Twins, by staying away from unconfirmed wireless hotspots, and by sticking to secure sites that are verified by companies such as TRUSTe .If this is too difficult to control, consider installing a security solution that checks the safety of wireless networks. This way you don't have to think twice when you're relocating your office to the newest tea house in town.
As a small-business owner, the world is your office, especially with all the technology available to you. That technology is also a great way to save money and increase productivity, but without the proper precautions in place, it can also cost you dearly. A little security goes a long way, so make sure your data doesn't fall into the wrong hands when you--or your employees--take your business on the road.