This article will examine best practices for securing work from home networks for remote staff. These are best practices, but it is up to the organization to create security policies and procedures for employees working from home.
DO NOT USE WIFI
Working from home is different from working remotely. It assumes that employees use an Internet connection located somewhere in their home, not in a public location. Therefore, the simplest way to secure remote networks is for users to stay off WiFi and use a hard-wired connection to their router, switch, or modem.
Configuring secure WiFi connections is a more complicated process, and WiFi poses additional security risks. So kick it old school and use an Ethernet connection.
SECURE YOUR HOME ROUTER
Be sure to change the default configuration credentials (e.g., username and password) on the router or cable modem. Most hackers know what the default usernames and passwords are for the device's brand, so their network is at risk if these are not changed.
USE STRONG PASSWORDS
Strong passwords contain 12 or more characters that include capital and lowercase letters, numbers, and symbols. Password managers, such as LastPass, allow you to generate strong passwords with specific criteria. This application then remembers the passwords, and the only password you have to remember is the master password for the LastPass app.
WORK BELONGS ON WORK COMPUTERS
Allowing employees to use a personal laptop or desktop work is a bad idea, period. Your organization should provide company computers for all remote workers configured with the applications necessary to do their jobs. Do not allow remote employees to install any other applications (except for anti-virus, VPN, or password managers) on company devices. Not following this recommendation could put the security of your entire network at risk.
When it is time to dispose of hard drives, laptops, or computers, you should adhere to secure hard drive disposal best practices, so sensitive company data does not fall into the wrong hands.
USE A VIRTUAL PRIVATE NETWORK (VPN)
Use either the company's VPN or commercially available VPN software to create a secure connection to its intranet or network.
USE TWO-FACTOR AUTHENTICATION (2FA)
2FA adds a security level by requiring a password and a code entered at sign-on, generated either through an app, email, text message, or phone call. The company IT department should enable this on all remote devices that access its intranet or network.
USE DATA ENCRYPTION
Be sure to use data encryption to protect all data (including emails) across the network. Work documents and files should be stored on company servers or approved cloud storage platforms and not on-at-home devices. Adhering to this policy makes it easier for the IT department to perform regular backups and restore any data that may be lost using a previously saved backup.
KEEP YOUR OPERATING SYSTEM AND SOFTWARE UP-TO-DATE
It is always prudent to keep the OS and company provided software (especially antivirus) updated to the latest version. There are, however, circumstances where you may need to delay updates due to company-specific software. In this case, you should disable automatic updates.
Securing work from home networks is a relatively straightforward process. Each of the above recommendations can generally be performed by employees with IT personnel’s help via a web meeting.