© Getty Images

Don’t let remote employees expose your business to cyber risks

It’s not too late to implement a remote access policy for homebound workers

With millions of Americans working at home because of the coronavirus pandemic, the businesses that employ them are more vulnerable than ever to ransomware, phishing and other cyber attacks.

Take risk management actions

It’s essential that companies take thoughtful risk management actions, consulting with management teams including IT professionals, to develop a plan specific to their needs. Here are some issues to consider.

Three Ways to Work Remotely

There are three basic methods for remotely connecting to a company infrastructure from home. The least secure is allowing employees to use their own devices. A more secure method utilizes Remote Desktop Protocol (RDP), while a Virtual Private Network (VPN) is generally considered the most secure.

Employees using their own devices

Employees using their own devices and Internet connections can pose a cybersecurity threat when they send data to their company or access company resources. Using private email can also make them susceptible to phishing attacks and some emails may be infected with malware.

Remote desktop protocol (RDP)

If employees require access to business resources, using RDP provides end-to-end encryption that is more secure. RDP is a Microsoft tool distributed with its operating systems that allows one device to remotely connect to another.

Virtual Private Network (VPN)

A Virtual Private Network employs end-to-end encryption when connecting a remote device to another, usually to access business resources or to securely connect to the Internet over Wi-Fi. VPN software should be deployed by your company and employees instructed to use it for business only.

Multifactor authentication

Multifactor authentication uses more than one method to verify a user’s identity. It combines something you know—like a password, phrase or answer to a question - with something that you have - like a physical or cryptographic key, or biometric scan of your face or fingertip.

General remote work tips

Always encourage employees to practice good cyber hygiene. When working at home, employees should:

  • Use long and complex passphrases;
  • Set up automatic installation of updates to operating systems and software;
  • Employ firewall and anti-virus protection;
  • Not share personal or business confidential/sensitive information online or by phone.