As the latest Google Docs phishing attack that hit over the past week has shown us, people and organizations are getting hacked at record levels. Once a hacker gains access to your accounts, your sensitive data, your identity, and even your reputation are all at risk.
Related: Our 7 Day Malware Prevention Challenge. guides you to secure, clean, update, backup, and organize your computer in just one week.
Something as simple as a maintaining a complex password could go a long way.
While the tips below apply to your entire staff, remote workers require even more care as they bring their own set of data security concerns.
Require the use of strong passwords — on all devices, whether company-owned or not. The best data security systems are virtually useless if your remote users use weak passwords, such as password or 12345. Whether a remote worker will be using a company laptop or a personal iPad to connect to your company network, each device needs to be secured with a strong password.
Strong passwords are long and random, contain a mix of alpha, numeric, and special characters, have both upper and lower case letters, and are impossible to guess. For example, J84$6eBneLi is a strong password. Strong passwords are also changed frequently to ensure that if the password were to become compromised, it would be replaced promptly.
As important as strong passwords are, many people continue to use weak ones because they’re easier to manage. Who can remember a password such as J84$6eBneLi? Even if you did manage to remember it, you’d have an equally hard one to memorize in a few weeks. Plus, that’s just one of potentially dozens of passwords you deal with on a daily basis.
To ensure strong, frequently changed passwords, we recommend the use of a password management tool.
Password management is an essential first step. However, there are a few more tasks to ensure that your data is safe and secure when accessed remotely:
Protect all of your remote users’ devices — First, remote users use a variety of devices to access your company’s network. Whether you issue company laptops or expect your remote workers to use their personal computers and devices, each device needs to be protected with a solid security product. It’s worth the investment to ensure that an employee’s devices, whether owned by you or not, is not compromised by malware. After all, your data will be accessed on that device, so you need to protect it.
Make sure all computers and applications used to access your network and data are up to date — Hackers are always pushing the limits, searching for and exploiting vulnerabilities. As vulnerabilities become known, hardware and software developers respond by issuing security patches and updates. By keeping all systems updated with the latest patches, you can thwart countless intrusion attempts.
Create a secure Virtual Private Network (VPN) connection to your company network — Using VPN software ensures that your remote workers have a private, encrypted connection whenever connecting to the company network. Any data transmitted will be encrypted, ensuring privacy and data security.
Enable two-factor authentication — Better yet, enable two-factor authentication. This involves requiring both the use of a password and a second factor available only to the remote worker such as a numeric code sent to the worker’s mobile phone. Two-factor authentication ensures that even if a hacker had the user’s password, access would be denied because the second factor is unknown.
Develop guidelines for sharing and saving information — and make sure they are clearly understood and enforced — For example, is it okay for remote workers to store company data on their personal computers? On a USB device? Are they emailing files to their Gmail accounts so that they can work on them from home? Though these methods get the job done and may be convenient, they put your data security at risk. Once you have policies in place, make sure everyone understands and complies with them.
Technology makes remote work a viable alternative to coming into the office Monday through Friday or staying late to finish urgent projects. Whether your remote workers telecommute full time or occasionally, investing in data security and password management solutions is a must to protect your company’s digital assets.
New Jersey’s Quikteks can help with all of the above. Contact us today to schedule a free data security consultation.