4 ways to secure your remote work setup

Scenario: You have already visited the office twice this week and want to spend the rest of the week at your parent’s house. To avoid bringing your work and personal laptop, you just take your personal laptop. This way, you can complete your work and access the software or websites blocked by your company’s IT department.

Also: How to find out if you are involved in a data breach and what to do next

Best case, nothing out of the ordinary happens, and it’s business as usual. Worst case, a hacker can infiltrate your personal computer’s defenses and access your sensitive work material. Your logins and passwords are now vulnerable to those with nefarious intentions, and your company’s privacy is in jeopardy. 

Solution: A security breach of this nature can lead to your company’s information and your personal details being stolen. So, it’s best to lug your work computer to whatever setting you work from to keep your data safe.

Scenario: Your boss asks you to scan a PDF for an upcoming meeting next week, but you don’t plan on traveling to the office and don’t have access to a scanner at home. So, you download a PDF scanner app not provided by your employer’s IT department onto your computer to complete the task. 

In the best case, you can scan the document, get it to your boss, and check that task off your mile-high to-do list. Worst case, the app is filled with malware infecting your work computer. Now, you still need to scan the document, and your computer screen is full of pop-ups. 

Great.

Solution: Vonny Gamot, head of EMEA at McAfee, says you should ensure that any apps you’re downloading are legitimate and secure. A best practice is to contact your IT department and check if any apps are approved and licensed by your company to avoid accidentally downloading any malware.

Also: How to find and remove spyware from your phone

“While work-related apps for devices, like PDF editors, VPNs, and document scanners, can be great productivity boosters, almost a quarter of the malicious apps that our researchers found recently were tools like these,” she says. “So, make sure any apps or software you’re downloading are legit. Technology has enabled us to work more flexibly, but that flexibility comes with responsibility.”

Scenario: As an employer, you command your IT team to send a phishing email to test your employees. After the test, over 50% of your employees either clicked on the email, opened the email’s attachment, or didn’t report the email as phishing. Now you see that if the opportunity arose, many of your employees would unintentionally compromise sensitive information.

Solution: Set up multiple opportunities to educate your employees about company security. Consider regularly executing phishing tests and updating them on hybrid working best practices. 

Also: What is phishing? Everything you need to know to protect yourself from scammers

Quentyn Taylor, director of information security at Canon Europe, says employers should educate their employees about safety best practices, no matter how straightforward. Taylor also recommends that employers maintain a high level of openness regarding employees making missteps that could jeopardize company security. 

“Promoting a culture of openness is also critical. If there is a breach, it is important that employees feel comfortable coming forward to share their mistakes,” he says. “This helps mitigate the damage as issues often snowball if employees hide errors – if an error is out in the open, it can be fixed.”

Scenario: An employee wants to work out of a local coffee shop. The employee connected to the coffee shop’s public wifi and completes a few hours’ worth of work.

Best case, nothing happens, and the employee works as usual. Worst case, someone quickly infiltrates the coffee shop’s network and steals information from the employee, exposing their personal and work information. 

Also: The best travel VPNs

Solution: Ian McShane, vice president of Arctic Wolf, says companies should invest in a VPN service to provide to employees when working on a public wifi network. He says a company-provided VPN service can keep employees’ internet activity private.

But he says companies should thoroughly vet the VPN service they’re licensing, as companies should assume that the VPN provider can access employees’ internet activity.

Stefano Amorelli, fractional CTO at Dominance, gave ZDNET a few more tips to help you stay safe when working remotely.

• Consider supplying employees with a privacy screen for their work phone or laptop while working in public.
• Enforce full-hard drive encryption if employees’ work devices are stolen or lost.
• Enforce multi-factor authentication.
• If you have to participate in a meeting that requires you to discuss sensitive company information, don’t do it in public.