Do your homework on home work

Why you need remote cyber policies

Every business should have cyber policies in place that address remote working scenarios. Think it’s unnecessary because you don’t have a team of remote employees already on staff? What about the times in-office employees take a moment on their laptop when on vacation or at home with a sick child? What about the casual check ins via personal devices?

Today’s reality is that every remote log-in creates a “hidden back door” into your corporate IT network, a fact confirmed by a T-Systems study. Categorizing the levels of viruses, ransomware and other malware as epidemic, the research warned against the risk employers face as they allow more and more work flexibility.

“You’ve got the multitude of devices we’re now using and taking for granted, and the fact that we are working at home more – it just opens too many doors for malware to get in,” said Scott Cairns, CTO at T-Systems.

To protect your organization, employee training is one of the most important steps you should take—human error and tendencies to trust online interactions create tremendous vulnerabilities in your IT system. As your workforce mobility expands, it’s vital that you include this perspective in training. Think about how usage habits might change based on work locations, how public networks impact usage and if there are some files or data you simply don’t want to be accessible outside the office. If particularly sensitive information isn’t needed on a daily basis, it could be very simple to restrict usage. If remote workers need full access, you may need to build in additional security measures.

If you’re looking for a “starter list” of other protection measures, check out How to Maintain Security When Employees Work Remotely which discusses remote devices, cloud applications and creating secure company networks.


Carol Scully

Carol J. Scully is the director of strategic risk management at MJ Insurance. With over twenty years of global risk management experience, Carol oversees MJ's comprehensive risk management and risk analysis programming and initiatives.