More likely than not, your staff is working from home – and while we transition to a hybrid way of working (a few days in the office, a few days at home), this information might come in handy as you start to build your new remote working policy.
Information systems security
- Approved remote worker equipment – All employees working offsite should be using provided computer equipment unless other devices have been approved by internal IT.
- Malware protection software – All systems that access IT networks remotely must have up-to-date anti-malware packages on their systems.
- Advanced endpoint protection – All systems that access IT networks remotely must have an up-to-date endpoint protection software package installed that protects the system from advanced threats.
- Separate work and personal devices – Do your best to keep your work computer and home computer separate. You never know if one has been compromised!
- Encryption protection – All devices containing sensitive information must employ disk encryption for data files, provided by the IT department.
Device access control
- Remote Access to Networks – All remote access to IT networks must be made through approved remote access points that are controlled by the internal IT department.
- Session Logout – Always ensure you fully log out out of a remote session when you finish rather than simply closing it.
- Device sharing – Family members, friends, and others should not be using approved work machines. Dynamic password token cards, smart cards, fixed passwords, or any other access devices or parameters should never be shared.
Home network security
Follow the below steps to keep your home IT network secure:
- Change your router’s password from the default to something unique
- Change the name of your default home network
- If possible and allowed by your internet provider, disable Remote Access on your home network devices
- Always keep your router’s software up-to-date
- Enable a firewall on your network devices or ask your internet provider to do so, which can help secure your Wi-fi network
- If you use a wireless connection, ensure that it is encrypted using at least WPA with a non-default passphrase. If you’re on a public network, use a VPN.
- Separate Room or Workspace – Whenever possible, remote working must be done in a separate room or workspace that can be locked or secured from the rest of the house or coworking space.
- Keep devices sure – When approved devices must be kept at home, they should be put away securely after working hours, in a locked desk or cabinet if possible.
- Screen Positioning – The display screens for all systems used to handle sensitive information must be positioned such that they cannot be readily viewed by unauthorized persons, whether over the shoulder or through the window.
Remote system management
- Changes to Configurations and Software – Operating system configurations should not be changed and additional software should not be installed without permission and assistance from the IT department.
- Changes to Hardware – Remote working computer equipment must not be altered or added to in any way without authorization from the IT department.
- Software updates – You are responsible for ensuring your devices follow patching updates and software vendor updates at least on a monthly basis.
- Information disposal
- Provision of Secure Containers – Copies of confidential documents kept at home must be secured in lockable furniture.
- Paper Records Disposal – All printed copies of sensitive information must be properly shredded for disposal and never thrown away intact.