Now that the World Health Organization has officially declared the COVID-19 a pandemic, many companies are considering how they'll keep their business running in an environment where people are urged to stay home to prevent the spread of the virus. In many cases working remotely is an option for employees if they have a laptop and access to the internet. But how do you ensure their work is secure and their computer at home is free of viruses and malware? Andy Knippen, SVP Head of IT for Citizens National Bank, shares a few things to consider as you put your plan into place to allow employees to work from home:
Will the company provide the computer? If so, you have control over the type of virus protection is installed, how often things are updated, and what other software is used on the device. This is probably the safest option, but may not be feasible if you don't have the funds to purchase laptops for all the employees who need to work from home. If you are providing the computer, make sure to have a policy for how the equipment should be maintained as well as whether they can use it for personal use. "Always setup access to be as restrictive as possible to only allow access to the functions actually needed," advises Knippen. This can help lower the risk of working remotely."
What security should be required on their personal computer? "If an employee must use a personal computer for business use, they should be sure they sign out of their personal accounts," states Knippen. "An example would be signing out of their Google account if they're using the Chrome browser. This browser keeps a user signed in with their personal Google account, tracking all usage." If employees are using their personal computers, there are still policies you can put into place to try to ensure safe interaction with your network. Offer to have them bring their personal computer in to have it reviewed by IT and have them install the preferred anti-virus software for them. Create step by step instructions and a schedule for when their computer should be scanned for viruses and software updated. Accessing your network should be done through a secure portal and password-protected. "Watch out for phishing attempts relating to this virus that will seem real and be very tempting to click on. Always keep your guard up and educate your employees!" You should also institute a data loss prevention strategy including encryption and remote wipe capabilities. Consult with your IT provider. Also don't forget to remind them periodically to physically secure their computers so they're not accidentally left in public to be stolen or have the information easily accessed by a stranger.