Many office workers dream of working from home. They imagine starting work happy and refreshed, having had an extra hour to sleep, and experiencing none of the hair-pulling, anxiety-inducing morning traffic. They long to work in their comfy pajamas, with their dog lying on their feet, while they get more accomplished than ever.
But the reality is, as we know, that remote work is still working. It is demanding, it is stressful, and it is essentially the same work that you need to get done in the office, oftentimes with less available resources and more distractions.
Furthermore, there is a myriad of unique stressors that crop up exclusively in the work-from-home environment. Some of these arise from issues in separating work/home life, the pressure to be available 24/7, less social stimulation, lower quality of communication, and procrastination leading to overwhelming workloads. However, the worst, most anxiety-provoking scenario of all remote workers is accidentally exposing your company to a job-threatening data breach.
In this article, we will discuss how employees new to the remote working world can ease their anxieties around keeping confidential information safe, and how to properly protect themselves and their companies’ data and information to avoid another stressful remote working situation.
The workforce has changed: many companies have decided to embrace working from home policies because of the money it saves and the high-quality work it produces. Even more, companies have been forced to grudgingly accept remote work because of the lockdowns due to the Covid-19 epidemic.
Remote work, when done correctly, is very effective and cost-saving. However, it can also create new sources of stress for employees. It all depends on how prepared and well organized your business is that determines whether remote work becomes a great opportunity or a potential train wreck.
One common anxiety shared by many remote workers is the inability to separate work life from private life, and the resulting pressure to be available 24/7. When your home is your office, it is difficult to “shut down” and relax after a hard day’s work when that PC is beeping at you and you know another new email has just landed in your inbox. Many remote workers love setting their own schedule, but the lack of the clear cut “9-to-5” schedule leads them to feel like they are working 24/7 on call.
Sociable workers may find it demotivating not to have a litany of office buddies to chat with at any given moment. For many extroverts, the water cooler talk is how they recharge and stay energized, and it can be draining not to be able to anyone for a whole 8 hours. Furthermore, running a remote team through email and chat can easily lead to comments being taken out of context or completely misunderstood.
However, no dread is so great for the remote worker as the dread of compromising company data. And with many workers being thrown haphazardly into make-shift offices from their home, many fear that they are vulnerable to hackers and other cybersecurity threats.
Yes. But the good news is, it’s easy to prevent a data leak or breach in remote teams.
One reason remote workers are more susceptible to hackers is that they often don’t have a secure network like a VPN (Virtual Private Network) set up at home. The WiFi they are using at home often has a password like “Password12345” and they may even frequently use the public internet connection from cafes and other public workspaces.
When remote workers are at home constantly, they are far more likely to use work computers for personal use when the boss is not looking over their shoulders. This can lead to some questionable websites potentially gaining access to all of your company’s data.
Their work computers are more likely to fall into the hands of their children or other members of their family who want to take their computer for a spin. Work computers are usually faster than personal computers, so it may be alluring to have access to the downloading and browsing speed of a work computer, if only temporarily.
Since many companies require remote workers to have a printer, but few individuals have one of their own, which means workers are much more likely to print their personal items using the work computer. Of course, that means downloading more files from websites that may not be secure or logging on to accounts online from dangerous portals.
Unsavvy remote workers are also less likely to keep up to date with important operating system upgrades. They may neglect to ensure firewalls are enabled and fail to have adequate antivirus software. This problem is totally amplified if remote workers are using their own personal laptops for work, which is a disaster waiting to happen.
The statistics are, indeed, anxiety-provoking: data breaches from 2018 and 2019 have cost American businesses a total of 1.8 trillion dollars. Healthcare was the most targeted industry for hackers, which is only bound to increase with the onset of the Covid-19 epidemic, with many healthcare workers at home. With the additional pressure of staying compliant with HIPAA regulations, at-home health care workers can feel constantly anxious about keeping their company’s data safe.
Even large corporations such as Capital One are vulnerable to cyber threats – in fact, the Capital One data breach of 2019 was one of the biggest hacks of all time. It compromised the information of 100 million customers and leaked personal information such as names, addresses, social security numbers, transactional data, and even bank account numbers.
Remote workers now have increased access to high-quality software that enables them to perform such tasks as invoicing and payment processing for low or no cost. As great as these applications may be for your business, the first thing you need to do is make sure that the network your business is operating on is secure from hackers.
When remote workers are handling private client information, especially regarding financial data, it is vital to provide them with a secure network at home and to enact company policies to increase adherence to cybersecurity standards.
A secure and encrypted email provider is a must for maintaining privacy. Using a free email provider not only looks unprofessional but exposes your company to a lot of risks. Gmail was recently caught giving full access to inboxes of its free email users to third parties.
It’s well known that tech giants like Apple have been asked by the US government for special backdoors into their devices. The good news is, if your company is on a strict budget, many secure, encrypted email providers are free. Aside from the hassle of having your company’s information sold to marketers, you can rest easy knowing that your information is fully private and secure.
A Virtual Private Network is essential for every remote worker, especially those who complete work in public places such as Starbucks and use the public WiFi network. This is one of the best ways to ensure that you are not the victim of ransomware. This ensures that your internet connection is done through an encrypted tunnel, hiding your IP address and your browsing data.
Provide your employers with the means to set up a VPN and make it company policy for all company computers to be browsing with a VPN. Failure to adhere to this policy should result in disciplinary action. However, be sure to evaluate all the available options carefully, reading third party VPN reviews from actual users, and taking the steps to protect your VPN from potential data leaks.
Free versions are great for personal browsing, but to have peace of mind, it may be better to invest in a rock-solid antivirus program for your remote workers. It takes time, talent, and money to develop software that protects your computer: this is not an area to cut costs.
“Phishing” refers to emails sent that pretend to be sent on behalf of a legitimate company or organization. The goal is to entice the reader to click and enter personal information. A simple example might be an email pretending to be from your bank – with identical logos, fonts, and wording – asking you to confirm your account number to avoid having your account suspended.
Sometimes, phishing emails pretend to be from charitable organizations looking to get a donation. Train your employees to always check the actual email address from the message, and ensure that it matches the legitimate company’s domain name. For example, a user might notice that they regularly get emails from an address ending in @mylocalbank.com but just recently got a suspicious email from an address ending in @mylocalbankco.com. This would be a big indicator of a phishing attempt.
Domain spoofing occurs when a website replicates its web design to look exactly like a legitimate website that is used by the user frequently. Employee online portals are susceptible to domain spoofing, even more-so now as the workplace changes.
In March, hackers used Zoom-related domain names to trick unsuspecting remote workers into giving up sensitive information. Zoom quickly addressed the problem with several important cybersecurity updates, but many remote video options still have serious vulnerabilities. The SaaS agency BlueTree recently analyzed the top webinar software used by gig workers and found that roughly 77.8% of the applications had been domain-spoofed in the last 6 months.
You can prevent this from happening by making it a company policy that all workers must bookmark and access the online portal from one link that is sent out to everyone. When employees lose the link and search Google for the link for their online portal, this is when domain spoofing most commonly occurs.
Access free cybersecurity training for your office online via the National Cyber Security Alliance (NCSA) or The Office of the Director of National Intelligence.
Obviously, an operating system is the central point of a computer, with access to all data, meaning it’s the most vulnerable area to be hacked. We all see reminders to update our operating system periodically: and most of us can relate to pushing it off because of the hassle of having to restart our computer.
However, these updates are the most important and easiest way to protect yourself from hackers. Cyber threats are constantly evolving and hackers are very clever at finding ways to bypass security settings, which is why updating your operating system regularly is so important. Require employees to do this by setting up company policy, or remove their administrative privileges and ensure this is done yourself or via a third party.
If you are serious about cybersecurity, you can hire white hat hackers to try to infiltrate your company’s database to see where the weak points are. Frequently, these “weak points” are actually your own employees.
White hat hackers may send a phishing email to your entire staff to see who clicks it, and if one of your colleagues falls for the trap, then you know it is time for some additional training or disciplinary action.
It’s nice to remember your password, but “ABC123” just isn’t going to cut it anymore if you are a remote worker. Ask your employees to make sure that their WiFi network has a password of at least 12-20 characters, with numbers and symbols included. Request that employees refrain from using the same password over and over again, especially with their WiFi network.
Backing up all your files is important in the case of data being compromised, or if an employee accidentally deleted an important file or program. A cloud-based backup service will put your mind at ease, knowing that if any information is lost you can find it again on the Cloud.
This is one of the best methods of preventing unauthorized user access, which is helpful to protect your company from hackers who want to exploit your data for financial gain, and also hackers who just want to cause mayhem for their own personal reasons.
Do not underestimate the damage that can be caused by a disgruntled ex-girlfriend or boyfriend, or a laptop thief. A two-factor verification system means that whenever your employee logs into your employee portal, they must confirm that they are a legitimate user by entering a code that displays on another device.
This device is a pre-approved device, such as a cell phone, that has already been added and is unique to the user. This is a great way to protect your company, especially when you consider that many workers save their passwords so they don’t even have to type them in. This essentially gives everyone who has access to your work computer access to all your files and documents.
Sounds like a lot? It is…
But don’t stress – although the threat of data breaches is scary, remote workers are not powerless to protect themselves. All it takes is educating the people in your company about all the options they have to keep their data secure and enacting and enforcing company policies to keep your business safe.
Showing your remote employees that your company has solid plans to protect confidentiality, and providing them with the right resources to empower themselves to feel safe, will surely pay off in more ways than one.
Not only will your company be safe from malicious cyber threats, but your employees will feel more confident and less anxious about their remote work, resulting in higher quality work and a strong sense of being part of a team.
About The Author:
Nahla Davies is a software developer and tech writer. Before devoting her work full time to technical writing, she managed—among other intriguing things—to serve as a lead programmer at an Inc. 5,000 experiential branding organization whose clients include Samsung, Time Warner, Netflix, and Sony. You can find her on LinkedIn.