How to Tell Whether Remote Employees Are Keeping Confidential Business Data Safe
This article was updated on Sept. 7, 2018.
The number of remote employees is on the rise, with Markets Insider predicting 50 percent of employees will work regularly from home by 2020. While some employers believe remote employees won't perform as well as those who are office-bound, a study by TINYpulse found they feel happier, more productive and more valuable than those who work on-site.
Keeping Confidential Data Safe
One sticking point for some employers is that remote workers may handle confidential data as part of their daily jobs. In an era of digital security attacks and ongoing problems associated with insider threats, protecting sensitive data is imperative. Good protection requires a combination of technology, people and processes.
On the people and processes side, employers can develop and distribute a security policy that outlines the requirements for keeping data safe, including guidelines for handling sensitive data and sanctions for noncompliance. All remote employees should be required to acknowledge they have received and read the policy. Employers can also organize regular training and security awareness sessions to help ensure all employees are aware of the risks and what is required of them.
In terms of technology, business owners can require employees to meet certain minimum standards for the security controls they use. This could include complex passwords employees should change regularly and stronger forms of authentication for confidential data, such as two-factor authentication (when a code is sent to employees' phones after they enter their passwords).
Employees should be aware of the dangers of unsecured wireless networks and, if possible, use a virtual private network connection when logging on to the business network. Encryption technology installed on work devices can protect data in motion and at rest. Enabling a remote wiping functionality on mobile devices is also a helpful precaution against data breaches. Performed punctually, anti-malware controls and software updates help protect and fix security vulnerabilities.
How Do You Know Data is Safe?
While some countries allow employee monitoring, many jurisdictions do not. In the United States, for instance, many states require user consent to be given before an employer can monitor its employees.
A better option is to use controls that limit access to only those resources for which a user is entitled and limit what users can do in terms of copying or storing data. For example, network access control technologies help restrict access to only sanctioned users, devices and applications, giving business owners confidence that only authorized employees can interact with certain data.
For mobile employees, mobile device management systems provide further assurance that only registered, authorized users can access sensitive resources. No matter what a business owner chooses for access controls, auditing all access is essential to making sure business data remains safe.
For most businesses, the benefits of working remotely can outweigh the risks. Taking sensible precautions helps safeguard confidential information, which helps small businesses continue to thrive.