Cybersecurity Best Practices for Remote Workers

While remote workers aren’t a new phenomenon, the number of people working remotely is. Millions are now working remotely due to the Coronavirus pandemic, increasing the risk of sensitive information being compromised and exposed to unauthorized individuals.

Cybersecurity experts at the National Institute for Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) offer these best practices for safe and secure remote workplaces:

  • Only connect to a network you are in control of that requires a password, not public WIFI  because cyber criminals can more easily monitor information being sent across the network
  • Log off of remote access at the end of every day
  • If using home Wi-Fi, make sure the network is set up securely
  • Use hard to guess passwords
  • Establish a VPN (virtual private network) for stronger protection
  • Enable security features on a computer or mobile device, such as password, PIN, fingerprint, or facial ID features
  • Keep computers and mobile devices updated by enabling the device to check and install updates automatically
  • Store work-related content on company-approved cloud services
  • Only use company-approved video conferencing, collaboration tools and filesharing platforms
  • Don’t forward work emails to a personal email account

When hosting a virtual meeting, follow these tips to enhance security:

  • Create unique access codes for each meeting
  • Use one-time PINs and consider multi-factor authentication when the meeting involves discussing sensitive or confidential information
  • Place participants in a “waiting room” and begin the meeting after the host joins 
  • Enable notification when attendees join by playing a tone or announcing names, or ask participants to identify themselves
  • Record the meeting only when necessary 
  • Disable features you don’t need, like chat, file sharing or screen sharing
  • Limit who can share their screen to avoid seeing unwanted or unexpected images or sensitive information

Companies should also consider developing an Incident Response Plan to respond quickly when a device is hacked, information is compromised or another cybersecurity breach occurs. Such plans should include processes to:

  • Identify and restore a device’s last clean back-up
  • Communicate the incident to the proper officials, such as IT, law enforcement or regulatory agencies
  • Isolate the infected device
  • Separate devices that were not infected

Meet The Rehmann Team

Start typing a name ...
Searching for "{{nameQuery}}"...
Start typing an experience ...
Searching for "{{experienceQuery}}"...
Start typing a location ...
Searching for "{{locationQuery}}"...
Or view a list of team members

get rehmann expertise to drive your business in your inbox every week