In 2018, Global Workplace Analytics reports that 5 million U.S. employees worked at home at least part-time. When the COVID pandemic hit, surveys found that 88% of workers who could work from home started working from home at least one day a week. The same survey also found that 68% of those workers felt they were working just as well at home as they do in an office setting.
Working remotely has proven to many companies that working from home can save money and make employees happier. There are lots of positives, but you cannot overlook the negatives. The good news is that with some careful considering, the negatives to working from home are easily overcome. Data security is the main concern. These are the five data security challenges remote workers need to address.
Weak Security at Home
How are your home workers accessing the internet? Do they use the same security measures you use in the office? Chances are they’re using the firewall that comes with their operating system, and that’s if they even bother to use one at all. They may have a virus/malware security suite, but you have no idea if they keep it updated and run it constantly.
They’ll have cell phones connected to their home networks. Are those equipped with security software? How about all the smart devices a home has like smart speakers, lighting, security cameras, etc? If a hacker wanted to get into a private home, it may be a lot easier to do so than it would be at your office. To prevent that, you need to hold an open discussion. It may be in your best interest to have your IT department or a security specialist go to each home office and look at the set-up.
Poor Backup and Recovery
You have workers using their home laptops to connect to your work servers to get files. Those same employees use their home laptops for shopping, watching videos after work hours, or reading personal emails. One of them falls for a scam in some way. It might be a bogus link in an email, malware found in an online ad, or one of the dozens of other ways worms, malware, spyware, and other critical issues make it onto a computer.
The work the employee completed is now corrupt or lost. If anything was also saved to your work servers, your servers are at risk. Not only does your security team have a job to do now to save files, if that’s even possible, but your employee has to start from scratch. If files are missing or corrupt, dozens of hours of work are lost. It’s frustrating, but it can also be incredibly costly. You may miss deadlines and lose customers. If any confidential information was stolen in a breach, you may face fines and lawsuits. Can you afford that?
DOS and DDOS Attacks
On June 15th, fears of a DDOS attack hitting the U.S. hit the media. The hacktivist group Anonymous said a major DDOS attack was happening. It made sense to many as AT&T, Comcast, T-Mobile, and other services or companies went down. Cybersecurity experts say it didn’t happen, but T-Mobile was upgrading networks, which caused several issues.
It is worth considering how this data security issue could cause problems for remote workers. Loss of productivity is the main concern, but it could also lead to a loss of private information. If a remote worker has no internet or phone service, that worker’s productivity comes to a screeching halt. Business owners need to make sure networks are protected as best they can.
Lack of Training or Guidance in Best Practices
Companies need to offer guidance to their employees that cover security training and the best practices to follow. These measures need to be used in the office and within home offices. If your company doesn’t have one, it’s important to get one in place and make sure employees understand and follow the guidelines.
You need to cover several things in a guide to working at home. You need a detailed plan that informs employees of the security software they need to use. You need to address what they should do with electronic devices that no longer work and must be recycled. You have to talk about firewalls, external storage, where to store electronics when they’re not being used, and who to inform if there are problems.
At a bare minimum, you need to make sure your employees have firewalls in place, use secure passwords, and use a VPN when accessing company servers remotely. Employees shouldn’t send business attachments and confidential information through a personal email account. They shouldn’t store company documents on their home computer. They need to know how to send encrypted messages to you and their co-workers.
Your workers need to have security software that’s recommended by your company and that it’s set to update definitions daily and run scans as often as your IT and security team recommend. If they’re not tech-savvy, teach them. They need to make sure work laptops have passwords to prevent access and that the laptops are stored in a safe place when not in use. A fireproof safe is ideal. Address who is allowed to touch work laptops. You probably don’t want them allowing a spouse or child to use the work laptop while they’re away from their desk. It may seem absurd to have to write out commonsense rules, but
Use of Recycled Equipment or Not Knowing How to E-Recycle Properly
Are you expecting your employees to use their home computers to remotely access work servers? Are they bringing home some of their office equipment and storing it in their home? If they’re using their computers, you need to consider where those laptops or desktops came from and where they’ll go when they’ve outlived their usefulness. The same is true of any copiers and printers they’ll be using at home. While most refurbished or used office equipment is free of viruses, malware, and other security issues, it comes down to how data was destroyed. Some companies take shortcuts that may not make the electronic devices as safe as you’d want them to be. When it’s time to recycle them, you don’t want files that are on a wiped hard drive to be recovered and fall into the wrong hands.
It’s best to supply employees with the computers and printers that they need to work effectively from home. If they have outdated work laptops that you’re replacing, make sure you hire an ITAD partner who follows protocol designed to destroy hard drives and confidential information. You do not want to choose a company that sends your electronics overseas or doesn’t wipe data properly before selling them as refurbished. ERI is the nation’s top ITAD provider and offers several levels of data destruction to ensure your information is destroyed.
Talk to ERI about recycling kits to return your employees’ electronic devices when there’s no convenient drop-off area in your city. We provide tracking that ensures you know where your devices are on their way to one of our facilities and what stage of data destruction and electronics recycling your items have reached.