Distributed teams have become more prevalent since the COVID-19 pandemic. However, most home networks aren’t very secure. This is a phenomenon for many company leaders as this opens issues they didn’t plan for.
But to sustain operational security, it is important to have measures in place to prevent mistakes that may lead to data breaches.
This blog contains a few tips for remote employees to do to keep themselves, their company, and customers secure.
1. Secure home networks
Employees should always secure their home Wi-Fi routers. Many routers come with default administrator credentials that can be easily discovered by attackers. These default credentials should always be changed during the process of setting up your routers.
Another case would be that modern routers often have a feature called Wi-Fi protected setup (WPS) which provides easy setup for peripheral devices such as printers to connect to the wireless network. WPS is susceptible to attacks that allow an attacker to gain access to the encrypted Wi-Fi network with ease.
2. Use antivirus software and keep it updated
Employees should ensure that they use antivirus software on all personal devices, besides company-owned devices. All of these devices share the same network, a compromised personal device can be used to attack a company-owned device, and in turn, penetrate the company network.
3. Use a VPN
Always use company-provided VPN (Virtual Private Network), or a reputable VPN service, especially when working from a public network that other people have access to (coffee shop, internet cafe, etc.)
4. Separate login credentials
It’s best for employees to separate their personal login credentials from their work accounts. Having separate login credentials for different accounts or websites is important. It’s never a good idea to reuse the same credentials, let alone reusing it for work accounts.
5. Report to your security teams
Always follow security guidelines and policies at your organization. When in doubt, always contact or get a hold of your security teams. Any signs that may lead to potential risks such as misplaced devices or suspicious emails and other forms of communication should be reported immediately.