What Your Employees Need to Know to Keep Their Own Data Secure, Too
It is all too common for people to have very different personalities in the office than they do during their off hours, with different standards and practices to suit them. While there is absolutely nothing wrong with that on the surface, you need to be sure that while they are at home they are at least upholding the kind of security best practices that you expect of them in the office.
Let’s go into why this is, and what these practices should look like.
How an Employee’s Security Habits Impact the Business’ Security Overall
Okay, stay with us here—there are a few steps that we need to go through to get from point A to point B.
Chances are that your team members are somewhat lax in their security practices where their own data is concerned. This means we can confidently say that, without oversight, simplicity will likely win out over the admittedly less convenient best practices.
While you should be ensuring that all devices that connect to your business network are updated and abide by certain best practices, such as password quality, you aren’t exactly standing over their shoulders while they’re browsing from home.
With so many people now working remotely—potentially from devices they own, not the ones you’ve provided—this can quickly become an issue. With poorly managed and maintained devices accessing your business’ resources, you are exposed to greater risks.
Obviously, this isn’t acceptable. To help minimize the impact that lax security practices could potentially have, you need to reinforce the importance of properly adhering to what is recommended in the office while at home.
Best Practices That Your Employees Need to Abide by at Home, Too
- Don’t reuse passwords
- Update passwords somewhat regularly
- Use an approved password manager to help simplify this compliance
- Supplement your passwords with some form of 2FA/MFA
- Avoid any publicly accessible wireless networks
- Think before you click when browsing the Internet or checking emails
- Use a Virtual Private Network (or VPN) to securely connect to your infrastructure
- Always keep an up-to-date antivirus and firewall installed
- Regularly update your software
- Avoid insecure websites (those beginning with “http” instead of “https”)
- Keep personally identifiable information (PII) private
- Understand what a phishing attack is, and how to spot one
- Keep work devices dedicated to work purposes
Interested in learning more about any of these practices? Give Directive a call to discuss your options with us, along with any of your other business-IT related questions. Dial 607.433.2200 today.