While this change comes with many benefits, as a business owner, there are three big things you need to make sure your employees are doing to keep your company’s data secure, avoid online scams and prevent being a victim of a cyber-attack.

Cybercriminals know that many of the security measures businesses have in place in their office instantly evaporate when employees work from home. Things like firewalls, secure Wi-Fi, and restricted physical access to a computer all disappear for remote workers.

According to the global security group the Institute for Security and Technology, businesses saw a 311% increase in Ransomware attacks in 2020 due to cyber criminals trying to exploit these trends. This has only increased as hybrid models have become more and more commonplace and look as though they are here to stay.

But it doesn’t have to be all doom and gloom. Because these new models offer many benefits, it’s just important as a business owner to know what you need in place to keep from turning a positive into a giant catastrophe through no fault of your own.

Here are three critical things you must do if you’re allowing employees to work remotely:

• Always On VPN for computer, tablets and mobile devices to ensure that no matter what device employees use, or where they use it, you and your data are protected.
• Use Multi-Factor Authentication (MFA). This is where you get a text, call or need to use an authentication app to log in to programs when your account is being used.
• Set your computer screen to lock automatically. This is a simple measure that automatically logs out and locks your computer so someone can’t just jump on and access your files and programs.

Most small businesses aren’t doing these three basic things to keep your data and company from becoming a victim of cybercrime. They are easy to get in place and free or inexpensive.

In addition to the 3 critical things above, if you are in a regulated industry and have employees that work from home, the following are a few best practices to meet most compliance requirements:

• Ensure the connections workers use to access corporate data are encrypted.
• Have documentation that identifies who authorized the user to work from home.
• Implement a remote access solution that logs VPN, remote access activity and actually look at it. A review of the logs should be performed by someone on staff or your outsourced IT company with knowledge of how to understand it.
• Have a policy that documents the expectations of employees and the organization. This should include data confidentiality and privacy.
• If employees will be using their personal equipment to work from home, make sure you have a Bring Your Own Device (BYOD) Agreement.

If you have Work From Home Compliance questions for your specific industry, we can help.

Want to know if your employees are putting your company at risk?

To schedule a 10-minute call to make sure all hybrid employees have all the tools necessary to protect your company’s data, call us at 888.831.9400 or introduce yourself via the form below!