Below are workplace security measures that employees should follow:
Provide Clear Guidelines
If your organization is allowing employees to choose their own devices, provide clear guidelines about what kinds of devices are acceptable and make a list of approved applications that can be used on that device.
Use Two-Factor Authentication
Require all remote users to use two-factor authentication whenever they log into the company’s network. This way, even if a remote user’s device is compromised, an attacker will not be able to log in without the employee’s second factor.
Monitor All Systems
Whenever employees are working remotely, they should be able to access all the systems and applications they need to perform their job functions.
To ensure that they can access these applications, they should use Virtual Desktop Infrastructure (VDI) to create a virtual desktop infrastructure (VDI) environment with the appropriate software applications and security patches. This way, the physical location of these applications will not matter as long as the remote employee has access to them.
Limit Where Remote Employees Can Access Files
If your organization does not have a VDI solution and allows employees to use personal devices for work, employees should not be able to access files. For instance, from their home computers or from any other device. That is not part of your organization’s network. They should only be able to access files from their work computers or devices.
Implement Physical Security Controls
Employees should be required to lock their devices when they are not in use, even if they are using a secure authentication mechanism such as two-factor authentication.
In addition, if an employee is using a device that is not part of your organization’s network. Then, it is important to ensure that the device is not vulnerable to physical tampering.
Employees should also be required to log out of work applications when they leave their workstations. This will prevent someone from accessing the employee’s virtual desktop from another location.
In addition, employees should also physically shut down; or eject all removable media, including CDs and DVDs. That is, before leaving their workstations. This will prevent someone from accessing the contents of the disc remotely.
Implement BYOD Policy
If you decide to allow employees to use their own devices for work, you should also consider implementing a Bring Your Device (BYOD) policy. BYOD is a highly effective way to introduce mobile device management (MDM). Not to mention, to gain greater control over the mobile devices that your employees use at work.
By implementing BYOD policies, you can gain greater control over the security of employee devices as well as the content that they access. Remote users can have an issue on their smartphones or tablets; and have their apps and settings under management by your organization. This will help ensure they are not accessing any unauthorized content or applications.
With BYOD, you can also restrict the number of time employees spend on personal communications. Also, limit the amount of personal data that is on their devices. For example, you could disable email service for personal accounts and require that all emails should be coming from an organization-issued account.