Compliance, Insider Risk

Data Security Considerations for Your Work From Home Policy

By Veriato Team

Incorporating data security in your work from home policy

Work from home policies have soared in popularity among both employees and employers for a variety of reasons. Your task as an organization is finding a way to provide that benefit to your employees without compromising your data security.

What’s the problem with working from home?

There are many benefits to working from home – including some big ones like employee morale and productivity. In addition, employees generally appreciate the improved work/life balance and employers like that it removes distractions and conserves office resources.

Unfortunately, working from home can pose some serious security risks that must be considered in your organization’s work from home policy. In a modern workforce, the Internet of Things (IoT) is growing in popularity. These internet-enabled devices that collect and act upon data create a massive liability when it comes to data security.  While smartphones, tablets, laptops, wireless headphones and smart speakers can make jobs easier, they also amplify the network attack surface. More devices mean more security risks.

Remote access also raises the issue of unsecured networks. If employees are using unsecured networks to access corporate data, they put that information at risk. Additionally, when employees work from home, organizations have no control over the physical security of the devices. In a less formal setting – like at home vs. in the office – people are more likely to observe a lower level of security precautions. They may leave their computers unattended, or leave desk drawers unlocked. These simple behaviors create a security risk – even if your employees don’t realize it.

Data security measures and considerations for your work from home policy

  • Configure Devices: If you provide hardware to your employees, it’s probably already set up on the security front. But if your employees are using any of their personal devices to access work information, consider establishing security standards and requiring IT to configure all personal devices to your security expectations as part of your work from home policy.
  • Set up a VPN: This is a key step to a successful work from home policy. A Virtual Private Network lets your employees access your secure network remotely – and keeps hackers out thanks to authentication requirements. Make sure to configure access permissions and encrypt data. It’s probably also a good idea to require the use of a VPN while accessing sensitive data rather than allowing offline access.
  • Approve applications: Make a list of approved applications your employees are allowed to use for collaboration and saving data. Communicate that list to them as part of your work from home policy.
  • Set up physical security policies: Some examples of protecting devices are requiring a password, instituting two-factor authentication, and requiring an auto-lock feature.
  • Educate employees: Explain both your work from home data security policy as well as the reasoning and considerations behind it. If employees understand the risk, they are more likely to comply with best security practices. Reiterate that working from home is a privilege – but it can’t be offered at the expense of information security.
  • Implement employee monitoring software: Even the most security-educated employees can inadvertently put data at risk. Insider threats are the number one cause of cyber attacks in business. Employee monitoring software as a part of your work from home policy will catalog activity, prevent and detect threats, and help you respond to risks as quickly and efficiently as possible. Tracking user activity via remote access allows you to offer the benefits of working from home with the knowledge that your security risks are constantly being managed.

Offering remote work benefits can help attract and retain employees. Keep that perk working for everyone by building data security into your work from home policy.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...

When To be Suspicious About Work-From-Home Employees (or Not)

When To be Suspicious About Work-From-Home Employees (or Not)

Perhaps someone doesn’t answer a Slack message as quickly as they should, or they have long hours blocked on their calendar. Maybe someone doesn’t seem motivated during team meetings or they are slow to complete work. While research has shown that overall,...