We have compiled a list of best practices that will keep your employees secure while working at home. Download pritable version here
Checklist for the business
- Enforce local encryption.
- Require strong password management.
- Solutions: ITGlue or Last Pass.
- Document local users and admin accounts.
- Mandate strong passwords for users and administrators.
- Reduce external sharing of Cloud applications.
- Solutions: OneDrive, Google Drive, Box, teams, slack, etc.
- Enable mobile device management (MDM) for remote device management.
- Analyse and enable remote endpoint security.
- Solutions: Intune from Microsoft & Kace from Quest.
- Provide secure file and data sharing externally and internally.
- Enable Multifactor Authentication that expires every three days.
- Analyse incident response procedure with all stakeholders.
- Require secure remote access in case users cannot login via a corporate laptop.
Checklist for Employees at home
- Device Security
- Keep all connected (IoT) devices up to date, including smart-fridges, TV’s, Thermostats, Surveillance cameras, etc.
- Change all personal passwords regularly.
- Regularly update personal or corporate PC’s & mobiles.
- Wireless Security
- Change default Wifi Router passwords.
- Enable WPA-2 or higher encryption.
- Ensure router firmware is up to date.
- Secure Workplace
- Ability to lock PC, Mobile device or business data when idle.
- Safe area to have private conversations without eavesdropping.
- Regularly review corporate policies and procedures.
Security awareness checklist
- Corporate vs Personal
- Never share corporate laptops with family or friends.
- Any business-related activity must be performed on the device provided by the organisation.
- If no corporate device is available, employees must use provided remote access applications.
- Reduce social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
- Take phishing awareness training seriously.
- Take caution when opening email attachments and links.
Additional employee security considerations
Increasing numbers of businesses are addressing email security through security awareness training. Your employees should consider security training as an essential best practice. Security training can be tailored to emphasise the types of security threats that target your business.