Technology Attorneys

Recent Rise of Scams

As the current pandemic rages on, more and more companies are adopting remote working models and hackers trying to bank on consumer’s fears are churning out scams more than ever. Remote working offers many benefits to businesses but can also pose certain challenges, including security threats. While some businesses have a good enough cyber and network security system in place, many are not aware of the severe risks involved in connecting remotely. In this article, we shall be discussing some security concerns of companies offering remote work and measures to be taken to curb the threats.

 

Phishing Scams

 

Phishing attacks are one of the most common cybersecurity threats of working remotely and are widely recognized as the top cause of data breaches. The World Health Organization, Homeland Security, Global security centers, and the U.S. Secret Service have all warned of coronavirus-related phishing scams. Hackers exploit the coronavirus to send seemingly legitimate, deceptive emails with malicious links and attachments. Once the employee clicks on this malicious link, their system is instantly infected, and the hacker gains access to the employer’s device. Sometimes, the employees are taken to realistic websites where information about their credentials are requested. Many comply, comprising their logins. 

 

The solutions are not farfetched. Employees should be regularly reminded that legitimate groups do not request personal information. Also, they should verify any hyperlink before clicking on it and normalize pausing before responding. They should beware of any email insisting on immediate action, generic greetings or an unfamiliar sender are other markers. While bad spelling and grammar usually indicate phishing attacks, properly written communique can be just as dangerous.

 

Insecure Devices 

 

Often, the personal devices of employees are not secure and can pose the risk of unauthorized access to organization’s data. Hence, it is recommended that personal devices should be vetted by employer IT prior to being used for company work. Better still, the organization can ensure that employees are restricted to using only company devices. These devices meet the minimal security benchmark, their hardware is designed to work within a corporate network, and the software has been optimized to cater to the specific needs of the individual user within the company environment. 

 

Secure Networks

 

Home networks and free WiFi available at cafes, libraries, or other public places carry a steep security price tag. In other words, these networks have weaker protocols, unencrypted traffic, and are insecure. Cybercriminals target such environments, leaving cyber mines that activate when a user of interest uses the network. Hence, remote workers should ensure that they use secure network traffic. If the employee didn’t have access to secure WiFi, the company should provide Hotspot. 

 

Weak or Insecure Passwords 

 

Passwords are mandatory security protocols that protect the gateway to data and information. However, they become less relevant and incredibly easy to crack when they are simple or weak. Weak passwords are often short and guessable. Furthermore, if an insecure password is used across several platforms, it allows hackers to gain unauthorized access to multiple accounts in a very short period of time.

 

Conclusion

 

Finally, if you notice new programs that were not previously installed, your computer slowing down, strange pop-up ads on your screen, or you lose control of your mouse or keyboard, then your device might be under attack from hackers. Be sure to notify your company’s IT administrator so they can immediately mitigate risk. These threats can have damaging impacts on businesses. Therefore, employers must rapidly ensure the security of every device or system being used. 

Work From Home Policies

In the past, work from home was rare and unpopular because many employers believed their workforce could be easily distracted at home. However, the pandemic has fast forwarded this practice to almost become the norm in some sectors. Employers have begun to see the many benefits of the work from home model, which includes increased productivity and efficiency, protected public health (especially with the outbreak of Covid19), less need for office space, and so on.

 

Also, the enabling technologies for implementing work from home are increasingly more available and easily accessible. Employer’s now more than ever must create work from home policies to ensure productivity and prevent lapses in workflows across the various levels of operations.  It is also imperative to discuss the various ways the employee must comply with policy to ensure that company data is secure and uncompromised. 

 

Determine which roles can be done remotely

 

It is crucial to know from the onset which roles can shift seamlessly from the office to the home because some functions within the organization demand physical presence. For instance, a forklift operator cannot function from home, whereas a software developer can easily perform their duties from anywhere via a laptop and internet connection. Also, investigate those roles that are office-bound, or warehouse-bound and find out what functions can be performed remotely by those in these roles. 

 

Decide what rules and company policies should be followed

 

It is critical for employers to clarify which rules, regulations, and policies of the company still apply to work from home and what is new for those that work from home. Because these employees will want to know exactly what is expected of them in this regard. Usually, all standard company policies and resources such as code of ethics, attendance policy, professional code of conduct, sick leave, and the confidential agreement still apply. 

 

Establishing metrics to measure the success of your remote model policy

 

Metrics and goals should always be a part of day to day work no matter where your employee has their ‘office’.  So, I won’t get into that here because I also feel that there is a level of maturity and responsibility that goes with work from home.  It goes towards the concept of Results Oriented Work Environment; ROWE, that was introduced a few years ago.

 

Items to Consider in Updating Policies:

 

Technology:  Employees need to make sure they have the right technology to complete their tasks.  If there is a work from home budget allowance, specify what kind of technology they should have.  Often, cheap comes with poor security so you should allow for software, subscriptions and hardware in that budget that have security as a priority instead of free software that leaves your data vulnerable.  Also, make sure that they have their own secure, Wi-Fi connection, using a free or mobile hotspot might not give the security or speed your employee needs.  This is particularly important for REMOTE workers since they are mobile, their internet connection may change from day to day. 

 

Access to work systems.  We have come along way since Citrix Remote Access and I still cringe to think about how S L O W Citrix was.  But happily, with the advent of Dropbox, GDrive and Office 365.  Enterprise solutions allow you to control how your employees access company data.  Again, this is where free can get you in trouble.  An enterprise solution will also allow you to REMOTE WIPE a device if (or should I say when) your employee misplaces a laptop or phone.  Or, if you need to terminate employment.

 

Tech support.  Pro-actively offer the assistance of your internal tech support to ensure that the technology and hardware that your employee is using is fast, effective and secure.  This is not the time for self-help measures.

 

Client confidentiality.  While security and connectivity are important, consider that now, your employee may not have a designated workspace at home.  Important documents maybe be available for anyone to read if their workspace is, let us say, the kitchen table.  BE CLEAR that all documents should be securely held where third parties cannot view or access.  Or, that no printing is allowed or encouraged.  After all, haven’t we come so far with paperless offices?

 

 Communication.  Your Policies should also include HOW you want your employees to communicate with clients and internally.  Data retention policies need to be adhered to regardless of medium.  Encourage the use of internal tools like Microsoft Teams, or Google Meet to control the data retention and security.  The use of texts is now a normal day to day work occurrence but your employee’s should be aware that even that should be subject to data policies and act accordingly.  A best practice should be communicated to your employees.  

 

It is important to be clear about how and where you want your employees to work remotely or from home. 

 

The goal here is to discuss security and policy that will help your company stay compliant with IT security and other regulations such as privacy.  And moreso, how education is so important that your employee understand the why behind these policies.

 

Conclusion

 

 

A work from home policy is essentially an agreement that outlines everything needed to allow employees to work from home without causing any disruption to company goals and procedures, and these tips will help employers do just that.  While the above are general guidelines, every company has specific needs.  Talk to us today to help you update your policy!

Work From Home vs Remote Work

Remote Work and Work From Home are not the same...

Work from home is remote work BUT remote work is NOT work from home.  Understanding the difference and implementing compliance and policy will make all the difference in your business.  The current pandemic has forced the hands of many businesses to adopt these, what have been in the past, unorthodox work methods.

 

Many people understand remote work as working from home, and they are not wrong per se. However, remote work has a broader meaning. It is work that doesn’t take place in a traditional office—in other words; a remote job means you won’t be driving to the same physical business or office building Monday through Friday and staying there for the duration of an eight-hour shift. Keep in mind that a non-traditional workplace can be anywhere with high-speed internet access like any co-working space or even a coffee shop. While work from home is a subgroup of remote working environments, there are huge differences between the two options, as you will get to understand in this article.

 

Work from Home 

 

Working from home means that you have a full-time job and flexibilities that allow you to work from home when needed. For some employees, it means being able to balance the demands of others who depend on your help with the demands of paid work. This practice has become more accepted as organizations continue to evolve and understand the ever-changing needs of their employees, especially when it comes to schedules. For instance, an employee may have a medical appointment on a particular day, and it’s more productive for her to work from home if the commute from her home to the doctors is just a short distance away. 

 

However, if you choose to work from home, you must put systems in place to be successful—things like a dedicated home office space, a defined work schedule, and clear boundaries for friends and family. No matter how flexible your schedule is, you need to plan ahead and know when you’re going to work. After these arrangements are established, your home can become an ideal workplace, even while juggling domestic tasks.

 

Remote Work

 

Remote working, on the other hand, is synonymous with a digital nomad, a person who can work from any place in the world, with his/her digital devices and access to a fast internet connection. As a remote worker, you can connect with your employer or teams digitally while seated at Café or sunbathing in a resort halfway across the world. Also, a remote worker may never have to meet their employers physically, due to their variable location and most likely won’t be required to attend company events or training in person. However, a remote worker must always be reachable and available for online meetings in case vital information is needed to be passed or for necessary discussions. 

 

Of course, remote working also means that you don’t have a set office time, and your schedule and hours remain yours to develop, and you can move from remote workplace to remote workplace as you see fit. Organizations often employ the services of remote workers, who already have good working experience, for smaller projects since little to no training is required. 

 

While work-from-home opportunities entail commuting from your bedroom to your office—pants optional and pajamas welcome—working remotely outside the home has more ‘x’ factors built in.  Working from home means that your environment is static.  Same internet, same desk, same space to keep your laptop. Working remotely involves traveling from your home to wherever you choose to work and being in a public or semi-public environment.  This can pose many risks since internet connection can be compromised, human error increases exponentially to leave your technology unsecure or even lost!

 

This being said, it is extremely important that while the trend may be work from home that can blur to remote work, you, as a business, need to ensure that you have the right technology, practices, protocols and security in place to ensure that your employee’s choice of venue does NOT leave your company vulnerable.