8 min read
Sep 13, 2020
Security

Top 5 Cybersecurity Tips For Employees Working Remotely

Share these five cybersecurity tips with your employees working remotely to safeguard your systems against cyberattacks.

A.S.
Ankita SinghContent Writer

With remote working becoming the norm these days, cybersecurity threats are one of the top three concerns of businesses, according to our June 2020 survey.

In these times, your employees become vital to protecting your business interests because, as a Gartner report notes, they are the weakest link and often the last line of defense (full content available to Gartner clients only).

Irrespective of the security measures you’ve taken so far to keep your company data and network safe, you’ll need even more concrete cybersecurity guidelines for your remote employees. Your remote workers must be aware of how their actions can play a big role in preventing data breaches, ransomware attacks, malware infections, DDoS attacks, and other cybersecurity threats. 

To help you, we’ve compiled a list of the top five cybersecurity tips that businesses like yours have provided to their remote workforce.

Guidelines issued by SMBs for remote work security
Group 3@1x Created with Sketch.

1. Avoid using public Wi-Fi networks

Your remote workers might feel tempted to stretch the flexibility of remote working and decide to work out of a café or a hotel. You can’t regulate such decisions, but you can inform them about certain precautions to reduce the risk of cybersecurity threats when they use public Wi-Fi.

Precautions to reduce cybersecurity risk when using public WI-FI

Bonus tip

Get in touch with the IT department promptly if you notice any suspicious activity or such as increased spam emails and frequent error messages when accessing business applications. Also, never open or respond to emails from non-verified senders or download any attachment or click on any links in these emails.

Group 3@1x Created with Sketch.

2. Change system and router passwords regularly

Your remote employees can help you keep cyberthieves away by changing their system and router passwords regularly. You must send prompts or emails to remind your remote employees to change their passwords every two or three months. 

In addition, passwords must be unique and strong to avoid cracking. 

Here are some dos and don’ts for creating passwords:

Dos and Don'ts for creating passwords

Some additional tips for your remote workers:

  • Set different login passwords for different applications. Use password managers to remember your unique passwords. These tools keep the username and password in encrypted form and are, therefore, safe.

  • Protect the computer screen when working remotely from a public space to ensure that no one’s observing the password as it is being typed. Remember to change the personal Wi-Fi router password if shared with a guest.

  • Avoid logging into business emails or accessing confidential data using passwords on a public system. Passwords could be stored without the user's knowledge putting them at a greater risk of cyber theft.

Bonus tip

Never email business documents to yourself on your personal email IDs. If you must, then enable email so that the classified data is protected.

Group 3@1x Created with Sketch.

3. Use a VPN when connecting to the company network

Virtual private networks (VPNs) create a protective tunnel between the client browser (employee computer) and the company server. This protective tunnel hides users’ internet protocol (IP) address and their geographical location from hackers, making data exchange between the employee computer and the company server safe.

VPNs have built-in malicious website detectors that notify and restrict users if they try to access a potentially unsafe website. VPNs also block spam emails from hackers, which thwarts phishing attempts that try to lure unsuspecting users into sharing their personal information or business data.

Your remote workers should use a VPN connection when:

  • They’re working full-time or freelancing remotely from anywhere in the world.

  • They’re using personal devices for work or are traveling to client locations and using public Wi-Fi at airports or hotels.

If you’re looking for VPN software, you can find some options here.

Bonus tip

Never ignore the prompts for software updates received from patch management tools. Download updates and keep your system updated at all times.

Group 3@1x Created with Sketch.

4. Avoid downloading or using unapproved applications

Your remote employees might feel tempted to use their official laptops for personal tasks or they might find more efficient cloud applications (for file sharing, storing, video calling, etc.), prompting them to download and use unapproved software applications. 

This phenomenon of using information technology systems, devices, software, etc. without the IT department’s approval is known as shadow IT.

These unapproved applications/tools may not be compatible with the existing software applications on your remote workers’ systems. This can restrict your IT department’s ability to analyze and monitor system activities and prevent potential compliance issues and data leaks.

In addition to giving strict guidelines against downloading or using unapproved applications, you can also take certain measures to help remote workers understand the perils of using such applications.

Tips to reduce unapproved applications by remote workers

Bonus tip

Don’t insert unvetted USBs in work systems. A USB device could contain malware or a keystroke detector.

Group 3@1x Created with Sketch.

5. Use multifactor authentication when using business applications 

Multifactor authentication puts additional layers of security that requires users to provide extra information to prove their identity before they can log in. For example, a multi-factor authentication setup may require users to provide usernames, passwords, and a passcode (or more details).

Multi-factor authentication protects your remote employees against credentials stuffing and phishing emails. There are mainly four modes of multi-factor authentication:

  • Text message codes sent via SMS

  • Authenticator application codes sent via authenticator applications on smartphones

  • Biometric authentication involving facial recognition or iris or fingerprint scan

  • Physical keys such as USB sticks that need to be inserted to unlock the system or software

Getting your remote employees on board with multi-factor authentication would include educating them about the benefits of doing so. In the beginning, your non-tech savvy remote workers would have doubts and questions for which you’d need to offer them on-call IT support. 

Once they understand the setup and the use, it’s a simple and straightforward process from there.

Bonus tip

Never share any personal or professional information with unknown sources on email or website pop-ups. Don’t get tempted to participate in contests to win free rewards or click on unverified web links.

Group 3@1x Created with Sketch.

Next steps

Remote workers might consider cybersecurity maintenance to be a time-consuming effort as it involves certain additional actions from them. They could also be unaware of your organization’s security policies or think they won’t be impacted in case of a cybersecurity attack (full content available to Gartner clients only).

Regardless, the responsibility to fill in the gaps is yours, since it’s your business that will have to pay the price for lax cybersecurity practices. Here are some handy recommendations to help you do that:

  • Develop cybersecurity training content that’s short, crisp, and easy to understand. Link the training material back to organization-wide cybersecurity policies.

  • Give remote workers toolkit notes with information about cybersecurity precautions and best practices for remote working.

  • Send email blasts with regular updates on cybersecurity needs and confidentiality policies via the human resource and legal departments.

  • Share examples of actual cyberattacks on organizations and how they impacted individuals.

  • Quote industry experts and other credible sources to highlight the importance of cybersecurity.

  • Get senior leaders on board to do video training for groups about company values and the role of cybersecurity in enabling them.

  • Reward good cybersecurity behaviors and penalize bad ones.

Group 3@1x Created with Sketch.

Additional resources

You can also visit our IT security software directory on GetApp to know about different software that can help you strengthen your cybersecurity.

You can also read the following resources for more information on cybersecurity:

June 2020 Survey

The business model survey referenced in this article was conducted by GetApp from June 18 to June 23, 2020 among 577 respondents who reported executive leadership roles at small businesses with 500 or fewer employees.

Back to top