To secure your remote workforce, lock down ‘your’ computers

Many employees aren't coming back to the office. That means you must make sure your business secrets are just as secure from their home office as they were at the corporate HQ.

I know some of you are still convinced you'll soon shepherd your flock of workers back into the comfortable cubicles of the corporate office. Not going to happen. I've been following the working from home revolution closely, and, trust me, your people like working from home. A lot.

According to a FlexJobs survey, 58% of workers currently working remotely said they'd "absolutely look for a new job” if they're not allowed to continue remote work. 

It’s not just staffers. Successful tech entrepreneur Lou Shipley found remote work "brought on an increase in productivity." How much of one? He wrote that in 2020 the "decrease in sales and marketing travel-related expenses of between 50% and 75%...coincided with an increase in overall sales of between 20% and 50% year over year."

As the saying goes, "If it's not broken, don't fix it." For many businesses, having their employees working from home works really well. There's only one little—okay, big—problem: trying to secure staffers when they're miles away. It’s not easy, but there are ways you can try to do it.

Much of this is security advice that should sound familiar. Be smart about passwords; use antivirus and malware programs; and, for pity's sake, do everything you can to avoid getting dusted by ransomware

But when your employees are working from their kitchen tables, you need more than just follow-the-usual-rules tactics.

For example, are you letting workers use their personal computers or other electronics they own? Please don't. Yes, I know Bring Your Own Device (BYOD) is still as popular as ever in some circles. It wasn't a good idea back then; it’s not any better in 2021.

I'm not being holier than thou. I used to bring my own computer gear into work long before BYOD was a thing. That's because I usually had much newer and faster equipment in hand than my employers did.

Yes, it did cut down on the company's hardware costs and it improved my efficiency, but, looking back on it now, it was a mistake. Do you really want your corporate secrets living on someone’s personal equipment? I wouldn't now.

Or, say, for instance, besides using their PC for work, they use it for, ah, personal recreation, and get a case of malware from some gambling or porn site? The first you might know about a problem is when your site gets locked up by ransomware.

More to the point in 2021, it's not your employee who has access to your company's work, it's their partner, their roommate, their kids, and on and on. It's just not safe.

Even if you and your family do all the right things, it still doesn't mean an attacker can't get to you by hitting a more vulnerable system in your home. For example, in the U.K., student Windows PCs were found to be infected with the Russian network worm Gamarue. From there, it could hop onto your employee's PCs and, from there, into the rest of your network. 

Or, say, for example, your workers use random USB sticks to transfer data. Even with the rise in cloud computing storage, many people still use USB sticks. And guess what? Besides letting staffers walk away with confidential data, those sticks mean they can spread malware. (In 2020, crooks sent malware-infected USB dongles to people under the pretense of being a Best Buy gift device.)

To keep your data safe on home PCs, you must insist that people use encryption on all their corporate data. Common programs you can use for this are Microsoft Bitlocker, Apple FileVault, and VeraCrypt for all operating systems.

These days, with pandemic restrictions relaxing, more and more people will go back to doing work at coffee shops and the like. That means, in turn, they'll be accessing public Wi-Fi networks. Really, need I say more? It's trivial to spy on data running over public networks. Remember what I said about encryption? It goes double for any data, such as e-mail attachments, that's flying over a wireless network.

In addition, because it's their box, and not your company's, employee PCs at home may not be up to date with the latest antivirus software and application and operating system patches. Allowing your employees to use their PC as if it were a business machine is just asking for trouble.

You can also count on workers being unhappy if they think you're taking advantage of them or exerting too much control over their "personal" machines.

The bottom line: you need employees to have corporate computers that are used only for work and that you control. No matter how you try to lock down someone's home machine, there are too many ways it can go wrong to work out well in the long run.

Next read this:


Copyright © 2021 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon