6 Data Breach Risks for Work From Home EmployeesPosted on May 19, 2020
Business owners have quite a lot to worry about as more people are working from home and telecommuting than ever before, and will likely continue for some time.
Whether the result of COVID-19 stay-at-home regulations or a shift to a more modern workforce, your employees could be presenting your business with even greater data breach risks through their work-at-home routines.
These are six risks work-from-home employees generate for your business.
1. Failing to have Specific Policies in Place to Limit Data Breach Risks
These policies must specifically address employee negligence and establish rules to discourage that kind of neglect along with identifying consequences for employees who do not take organizational security seriously.
Items to address:
- Rules concerning the use of personal devices
- Use of public Wi-Fi or unsecured home Wi-Fi
- Theft-prevention measures for work devices
- Identifying and using strong passwords
- The frequency for which employees should change passwords
As an organization, you should also consider establishing security measures for work-at-home devices and educate your employees about cybersecurity, best practices, and the importance of locking their devices when walking away – even for a moment.
But policies are just policies if they aren’t communicated or implemented effectively. It’s even wise to send out a reminder email about company policies and disciplinary actions for non-compliance in light of so many people working remotely at the moment.
2. Forgetting to Strictly Monitor Use of Virtual Private Networks (VPNs)
More people are logging on to your business VPNs than ever before as the bulk of your workforce attempts to log in remotely. Make sure your IT security team knows who should have access to the VPN and that they treat any others as security risks and block them immediately.
Doing this means that anyone who shouldn’t be on the network is quickly isolated and eliminated. It also reduces your risk of full breaches occurring and limits the devastation and duration when they do.
The idea being that strict monitoring of the network is one more part of a much larger process focused on preventing data breaches from occurring, but being prepared for them if they do.
3. Overlooking the Importance of Creating Strict Protocols about Using Personal Devices and Computers for Work
It’s essential that your employees do not use unsecured personal devices to create, access, or use work products. That will eliminate all securities you’ve initiated to prevent data breaches and leaves private information about other employees, clients, and business operations vulnerable to exposure should a data breach occur.
Like so many other policies, this is one that’s important enough you should have an escalating disciplinary chain of events that initiate after each offense.
4. Neglecting to Remind Employees to Remain Vigilant about Physical Security
Physical security isn’t only important as it relates to securing business computers and other devices used for business purposes, but also for protecting business information, including their passwords.
This means you may need to send occasional reminders about how to behave in public to discourage people from watching over employee’s shoulders while they work, protecting passwords, locking devices when not in use, and preventing others from simply walking off with their unlocked laptops or tablets.
5. Failing to Require Multi-Factor Authentication
Multi-factor authentication is the latest stage of the security game. The idea is that while someone may gain access to login information, it’s often unlikely that the individual in question will have access to login information and your mobile phone at the same time.
The multi-factor authentication process can significantly reduce risks of data breaches for your organization and is an essential tool for increasing safety for all your employees.
6. Neglecting to Remind Employees to Consider Line of Sight When Setting Up Home Offices
Even though we live in a high-tech world, it’s sometimes the low-tech criminals that do us in. Never underestimate the simplicity of someone watching through a window with binoculars to see employees logging into your network day after day.
While everyone is searching under rocks and deep within the web for solutions and answers when data breaches occur, there are times when it was just someone looking over the wrong shoulder at the right time that made it happen. Vigilant employees can avoid that.
Contact Otterstedt Insurance Agency today to learn more about your data breach risks and how we can help protect you from some of the financial fallout should a data breach occur with our cyber liability insurance protection.
We are here to help protect your business from the unexpected and mitigate your risks. Put this information to work for you today, and call us at 201-227-1800 to learn even more ways to reduce your employee-related data breach risks.