Why cybersecurity should be your small business priority
Office-based employees have peace-of-mind knowing that online safety measures are already in place protecting valuable data while they work. Online safety measures include VPNs and firewalls.
However, many organizations also employ remote-based employees such as traveling sales-people or freelancers who may use their own devices to conduct business. It is, therefore, necessary for organizations to take precautions to protect remote working employees from cyber-attacks.
Hacking and phishing are far more common than users would like to admit, especially in foreign countries making online security an essential concern for remote working employees. Some of the best practices for remote employees are listed below.
1. Use a VPN
Never log into your device without first running a VPN. A VPN is a Virtual Private Network which allows users to access the internet privately and safely by routing the internet connection through a server and hiding the user’s location. VPN’s encrypts all data being exchanged making it difficult for data to be stolen.
Using a VPN allows employees to:
- Remain anonymous: The VPN hides your actual location. You may be working from South Africa but your VPN will access the internet through a server in Switzerland.
- Have peace of mind while accessing files remotely.
- Avoid bandwidth throttling: VPNs prevents throttling which is useful if an employee is on a tight deadline to submit a critical report.
- Access government restricted websites. VPN routers unblock restricted applications and content. VPN routers allow users to access applications (such as Google or Twitter) or content that Governments (such as China) may block by enabling users to bypass restrictions and connecting to the internet through an encrypted VPN connection that disguises the employee’s real physical location.
2. Always Use a Secure Password Protected Network
Being a remote employee means engaging in transactions over the internet. These transactions include exchanging money or sensitive information. Ensure that all networks are secure and password protected. Also never complete financial transactions over a shared or public network.
Remember to log off all your accounts once you are done using the internet.
3. Do not use the same password for all your accounts or Devices
Passwords should never be easy to guess. Do not use the same passwords for all your devices or accounts. Create strong passwords by following guidelines given during the account sign-up process.
If a hacker manages to steal your password for one account, such as your email account, their next step will be to try that password on your other accounts such as Facebook, LinkedIn or Instagram. Use a password manager to avoid forgetting passwords.
Examples of Password managers are Dashlane and LastPass which are secure applications that keeps a record of all passwords. Some mobile devices have pre-installed Password managers which work just as securely.
4. Encrypt All Devices
Encryption allows employees to protect sensitive data that unauthorized individuals should not have access to. Most organizations use encryption to protect classified information and prevent identity theft securely. To decrypt information, specialized knowledge is needed sometimes in the form of a decryption key or password.
5. Implement Remote Employee Online Security Protocol
Provide online safety and security training to all employees. All remote-based employees should know what the organization’s policy is to ensure online safety. Online security protocol guideline should be made available to all employees so that they are aware of threats to their online safety and the measures the organization has taken to protect employees while they work online.
6. Backup and Disaster Recovery
All information should be recoverable to allow an organization to quickly resume operations in the event of a disaster such as a cyber-attack, or even a natural disaster such as fire. A disaster recovery plan considers the organization’s infrastructure which includes hardware and software when drawing up a disaster recovery plan.
One method of backing up data is for remote employees to use a secure cloud. Information can also be backed up on the organization’s primary server.
7. Avoid Using Public Computers and Limit Use of Public Wi-Fi
Public computers could be infected with malware which may compromise information such as passwords, financial details and identity records. Criminals may also watch you as you use a public computer and take note of your passwords or crucial information such as baking details. Remote employees should refrain from using public computers to conduct official business.
8. Ensure that Firewalls, VPNs, and Antiviruses are Up-to-Date
Cybercriminals are very innovative and come up with new ways of stealing data daily. Remote employees should update firewalls, VPNs, and Antiviruses regularly. Updates may include protection against new cyber threats. The importance of using a VPN is discussed first in this article.
9. Use Network Monitoring Software
A network monitoring system continuously checks the network for anything that may slow the network or cause it to fail. Ideally, remote employees should be linked to the network for this to work. In this way, threats can be detected before remote employees are at risk.
10. Keep Up-to-Date with the latest Phishing emails and other online risks
All remote employees should be kept up to date either via emails or SMS of the most recent forms of Phishing emails and other online risks. Remote employees should also have a basic knowledge of how to identify Phishing emails.
For example, malicious emails often have poor grammar and are sent to numerous individuals at once. Remote employees should not open or read emails from addresses they are not familiar with.