Title : Considerations for a Remote Workforce

Posted by : Tariq Azmi | 2020-04-10

Covid has forced us to adapt to changes in our personal and professional life.  When it comes to work related changes some of the companies are prepared for working remotely, others are not. Cyber criminals love crisis.

First and foremost, Security is a mindset, especially when having remote employees.  Do you have the right policy and procedures?

As a company there are many things to consider. Besides the obvious question, can this work be done remotely, and will they need access to company files?

Appropriate Technology in place?

From the Technology perspective few things to review:

  • Do you have appropriate licenses on the firewall?
  • How many remote connections can your infrastructure handle?
  • How will employees access the data?
  • Can you access Email remotely?

Who is providing the equipment?

  • Do you have extra laptops?  If the employee is using their personal laptop/desktop more questions need to be answered.
  • Operating systems, Windows 10, or 7 which is out of support? Or a Mac
  • Is the operating system updated and patched?
  • Are 3rd party applications installed, updated, and patched?

How will the communications be handled?

  • This is perfect time for the hackers to send out phishing emails, especially when you do not have a co-worker to walk up to and verify their request. If you receive email from co-workers, please reach out to and verify those requests.
  • Do you use any internal communication methods?  Slack, or MS Teams?

How will the progress be monitored?

  • If the work is truly being done, can you as a supervisor monitor the progress? 
  • What are the tools that will be used to monitor progress?
  • Do you have supporting controls, policies, and documented procedures?

What technology is in place at your employee’s home?

  • Do they have IoT?
  • Do they use Alexa, Siri, google where your employee conversation can be monitored or transmitted over these devices?

Do you have Multi Factor Authentication (MFA)?

If you do not have MFA, consider getting it enabled