In the COVID era, it’s no surprise that remote employees are increasing in popularity.
With this increase in remote work, however, comes a subsequent rise in cyber security threats.
If you have remote employees on staff, you need to make sure that they’re taking extra precautions with their devices so as not to pose a threat to your organization.
To help ensure your remote employees are taking the right precautions, here’s a list of six tips for keeping them safe:
1. Keep security software up to date at all times
Most people postpone updates because of their inconvenience, without realizing that this creates a software vulnerability that hackers can easily take advantage of.
Make sure your employees are aware of this threat and install any computer, anti-virus software, and firewall updates as soon as they become available.
It may even be helpful to have them download an app for keeping track of updates. This is a great way to set reminders about when it’s time for your devices to be updated each month or week, depending on the release cycle.
2. Encourage employees to use strong passwords and change them often
It’s easy to fall into the habit of using the same password for every account, but this makes you a red target for hackers.
Hackers can then use your compromised login credentials to break into all sorts of other accounts, accessing your most sensitive company records and compromising your data.
Make it a company-wide policy to use long, random passwords that are unique for each account or website you have and change them regularly.
Of course, passwords should never be shared with anyone or stored on paper. Instead, enforce the usage of password managers like Dashlane, which can even help generate strong, unique passwords. If passwords do need to be shared among employees, Dashlane allows for a safe and secure way of doing so without ever revealing the actual password. It also has a service that notifies you when your password has been compromised.
3. Use multi-factor authentication (MFA)
Even if a hacker has an employee’s password, it won’t do them any good if multi-factor authentication is in place.
When MFA is used, a code will be sent to the user via phone call, text, email, or MFA app after entering their login name and password into a site or app. The login will then prompt the user to enter the code and allow them to sign in.
This added layer of security makes it incredibly difficult for someone to access your accounts even if they do manage to get hold of one of your passwords, because they won’t have the code required to access it.
4. Never open suspicious/unexpected files or links
Of course, no amount of security measures will help protect you if your employees are tricked into giving away their password or installing malware by clicking on a suspicious link.
Drill into their heads that if they have any reason to believe a link or attachment is suspicious, never click on it just to “see” if they’re right. They should delete the email immediately and notify your IT department to double-check safely.
Unexpected files don’t look suspicious on their own. The classic example is an email hack for someone in accounting. The hacker sees that Sally regularly sends a list of approved vendors to folks in purchasing, so the hacker sends a list that contains malware.
Hopefully, folks in purchasing notice that the new file is being sent too soon. For example, if they get a list at the end of the month and this one unexpectedly arrives in the middle of the month without explanation, that is reason enough to contact Sally and see if the file is legit.
Employees should always be mindful about downloading files from unknown sources, since these can contain malware that allows hackers to take control of their devices remotely.
It’s also a good idea to have antivirus software on every employee’s computer to detect malware and viruses before they cause any damage.
5. Use a VPN
Using a VPN can enhance your cybersecurity by encrypting all of your traffic and routing it through an intermediary server before sending it on its way to the destination.
This makes it harder for hackers to intercept information, and protects against DDoS attacks on the individual’s device.
When choosing a VPN for your remote employees, you’ll want to look for features such as:
- Having servers in multiple countries (this will only be necessary if you have employees worldwide),
- The ability to access streaming content from major media providers, and
- Speed performance (slow speed will impede productivity and frustrate employees).
Some VPNs also offer a kill switch, which will completely cut off your internet connection to prevent data exposure should the VPN disconnect unexpectedly.
6. Keep all employees informed about cyber security risks
Make sure that all employees understand what constitutes an attack and how to avoid them. Send out regular team reminders to either change passwords, install updates, who to contact when they find something suspicious, or new methods of cybercrime to be on the lookout for.
This will help to ensure that everyone is staying as safe as possible and your company won’t be exposed because one employee was unaware of a risk.
We hope you’ve enjoyed this final installment of our Cyber Security Awareness month series, and that you’ve learned something useful to keep your company safe. As always, if you’ve got concerns about the security of your website, contact Bizzuka! We can help you evaluate your web environment and make improvements where necessary. If we can’t help you, we’ll refer you to someone who can!