Top 10 security tips for remote working

Remote working may be a great way to do business, but are you totally aware of all the threats?

[b]1. The computer[/b]

One of the key aspects of [a
href="http://www.itpro.co.uk/120271/it-security-must-adapt-to-remote-working" target="_blank"]remote working[/a] is to make sure that you are using an approved computer, and that all the right protection is in place.

By using your own personal computer – although convenient for you - could make it much easier for you to introduce malware into your company’s network. Clearly this won’t protect you when something goes wrong.

[b]2. Update your computer[/b]

Even if you are using a laptop or mobile device that your company approves, the organisation is very unlikely to know whether you have kept up to date with your patching.

The reason why [a
href="http://www.itpro.co.uk/610638/conficker-cost-may-hit-6-2-billion"
target="_blank"]Conficker spread so virulently[/a] is simply because many computers and networks hadn’t patched using the adequate updates.

Make sure automatics updates are turned on as well as having the latest up-to-date anti-virus software installed. Business information will be at risk otherwise.

[b]3. Beware hackers and phishing attacks[/b]

You may have a different mentality about what emails you open when you are at work, so do the same when you’re at home by keeping a close eye on phishing scams by email, websites, social networks or IM messages.

Many criminals will be out there hunting for usernames and passwords. Recent social networking scams on [a
href="http://www.itpro.co.uk/609425/stephen-fry-victim-to-twitter-phishing-attacks" target="_blank"]Twitter[/a] and [a
href="http://www.itpro.co.uk/610724/facebook-confirms-fakebook-phishing-attacks" target="_blank"]Facebook[/a]show that they are evolving from using the traditional ‘Nigerian 419 scam’.

[b]4. Be careful when using social networking[/b]

Social networking is a valuable tool when it comes to remote working, with tools such as [a
href="http://www.itpro.co.uk/161343/where-next-for-linkedin"
target="_blank"]LinkedIn[/a], Facebook and even Twitter are all useful for connecting and keeping in touch when you are out of the office.

Although some social networks claim to protect your data and will say you are in a ‘secret’ group or forum, good hackers will be able to find ways around this – they always do.

[b]5. Practice good policy[/b]

Make sure you understand [a
href="http://www.itpro.co.uk/609737/snow-throws-spotlight-on-business-continuity-plans" target="_blank"]your workplace policies[/a] when it comes to blogs and social networks, as this will allow you to avoid any situations which might get you in trouble.

It’s the responsibility of company management to make sure that there are strong policies in place, but employees also have responsibilities and they can only follow them if they have the [a
href="http://www.itpro.co.uk/187986/remote-working-is-the-chink-in-the-network-armour" target="_blank"]right training and education[/a].

[b]6. Keep your wireless secured[/b]

Remote workers are generally going to use wireless connections with devices like PDAs, smartphones, netbooks and laptops.

However, as workers won’t be in the office, it will be their responsibility to make sure that the [a
href="http://www.itpro.co.uk/110522/quarter-of-uk-firms-have-no-wireless-security-policy" target="_blank"]connection they are using is secure[/a].

This could simply mean protecting your connection with a password, or guarding yourself against hackers who try to perform a man in the middle attack.

[b]7. Use encryption technology[/b]

Think about using [a
href=http://www.itpro.co.uk/200463/barclays-boosts-keys-to-encryption target="_blank"]encryption[/a] on devices, whether USB, smartphones, laptops or even your home computer.

If you are working with highly classified material, if the worst does go wrong then thieves will be unable to access data if devices are encrypted. Remember the lost USB and laptop horror stories of recent years? Don’t add your company’s name to that list.

Staff won’t always be careful and reliable and mistakes will happen, with the costs of encrypting data likely a lot cheaper than the punishment for anything that goes into the wrong hands.

[b]8. Keep personal and business items separate[/b]

Remote working will make it tempting to do personal tasks on company time.

By not blurring the lines between the two, in addition to making sure you are working as efficiently as possible, it will mean that you won’t lose personal files if a business device gets lost, or vice versa.

[b]9. Secure collaborative tools[/b]

Workers will need to collaborate together, whether using email, phone, IM or [a href="
http://www.itpro.co.uk/610353/hp-gives-sneak-peak-at-skyroom-video-conferencing" target="_blank"]video conferencing[/a] to applications such as [a
href="http://www.itpro.co.uk/610051/microsoft-to-charge-10-for-hosted-sharepoint-and-exchange" target="_blank"]Microsoft Sharepoint[/a].

You won’t be in the office, so any confidential business information that is shared may ‘leak’ and be shared with a third party. Be careful.

[b]10. Own up to mistakes[/b]

If the worst does happen, you’re likely to be found out sooner or later, so it pays to be completely open about the mistake so that the company can make moves to solve the problem.

Keeping the problem quiet can only make things worse, and if a business has time to solve the problem rather than find out about it later, it can carry out damage limitation.

Email to a friend

Print this page