Guest blog: How to stay secure when working from home - By Alex Tebbs, co-founder of unified communications specialist VIA
/The latest statistics on flexible working show that it’s the new normal for British workplaces. It’s no longer a desirable benefit, but something that’s seen as a key component in becoming an ‘employer of choice’ and providing employees with a better work-life balance.
According to one 2017 survey, 58% of employees are already offered some form of flexible working arrangement. Another survey puts that figure at 63%, which rises to 87% when you include workers who say that they would like their business to provide the option if they don’t already.
In addition, 70% of workers say that flexible working makes a potential job more attractive to them and it’s hard to imagine an employee who currently benefits from it moving to a new job where they wouldn’t. Perhaps more than any of the others, these statistics should encourage forward-thinking employers to consider implementing a flexible working policy.
Understanding the risks and benefits
However, any policy that allows employees to work outside of the office comes with security risks. Proper precautions must be taken to ensure that these risks don’t turn into problems that outweigh the benefits of flexible working.
In this article, we’ll focus on three areas of risk: online security, hardware and offline risks that come from using paper materials. Each of these areas demands a different solution, but employers can’t afford to ignore any of them.
If the risks are mitigated, the benefits of flexible working should become apparent. 53% of people believe that their productivity would improve if they were allowed time to work outside of the office and 58% believe that it would help their motivation.
In addition, 57% of people believe that flexible working would improve their work-life balance, and implementing it would allow employers to appeal to the 92% of 18-34 year olds who say they want the option to work flexibly.
Staying secure online
The most obvious area of risk is online security. The most important thing for remote workers to avoid is working on any sensitive information while connected to public Wi-Fi. These networks are vulnerable to hackers and may even be fakes set up to look like trustworthy public hotspots.
In order to avoid compromising security, remote employees should connect online via a secure private network, a personal hotspot or a company VPN (virtual private network). The first two are easier options, though employees may be reluctant to use their own mobile data for a personal hotspot; this is more useful for employees with work phones that have a good data allowance.
VPNs are more specialised solutions that fully encrypt an employee’s browsing data. There are software-only options available, though they still need to be logged into from a regular network. However, if you expect employees to routinely handle sensitive data when they’re away from the office, the extra protection of a VPN is worth the expense.
Beyond connectivity considerations, standard internet security practices apply. Employees should avoid giving any information to non-secure sites (sites marked HTTP rather than HTTPS) and should use varied, complex passwords, storing them in a password manager if necessary. Smartphone password managers can be particularly helpful, as they can be unlocked with a fingerprint rather than another password. These are standard precautions, but they shouldn’t be ignored outside the office.
Keeping hardware secure
There are many more risks to device security if employees work outside the office. Everything that is used to access company data - especially laptops and smartphones - is potentially vulnerable. However, common sense can go a long way towards mitigating the risks.
Once again, strong passwords or identification methods should be standard. Employees should also avoid entering codes and passwords where they can be seen to do so, just as they would be careful to hide their PIN.
Employees should also be encouraged to take good care of their devices. They should avoid leaving them unattended in public spaces like coffee shops and should keep sensitive information out of sight of the people around them. They should also take care, when working at home, that children or pets can’t accidentally press something!
Furthermore, remote monitoring software can be used for work-issued devices. This is a significant advantage of providing employees with the hardware they need to work remotely, as it allows you to take control of a situation quickly should a risk be detected.
If employees are allowed to use their personal devices, they should, at the very least, be required to use official work communications technology, which can often be installed as apps or accessed online. If you don’t have secure communications technology in place as you explore the possibilities of flexible working, it’s something to look into soon.
Staying secure offline
The final considerations relate to the other ways that employees can be compromised offline, mostly regarding paper documents. These can’t be password protected or monitored in the same way as electronic documents, so employees should receive training as to how to make sure a security breach doesn’t occur.
Common sense is an important factor again, as well as practical steps that help ensure security. The most important is a document retention policy that details all the sensitive documents the company has possession of and how long they can be kept before they’re destroyed. Employees should adhere to this policy even if they’re working remotely, ensuring that they’re not keeping paperwork longer than the policy allows them to. This can also aid with keeping track of a document’s location so that it can be recovered should it need to be accessed or destroyed in the future.
If you follow guidelines like these, flexible working can be a real benefit to your company and your employees. But just because it’s the future of our workplaces, it doesn’t mean we can afford to take risks.