fbpx
Inner Page Banner
8 Feb 2022

“Remote Work” is a cybersecurity tool for employees

“Remote desk/working” is now a very common topic.

 

 

For convenience, employees of the organization can do office work from anywhere outside, and they use different types of devices to complete the work.

 

 

How safe is it to work on an office laptop using a coffee shop’s free Wi-Fi or access files on the company’s cloud using a personal smartphone? According to a current study, the average number of cyber incidents involving employee negligence increased 26 percent from 2016 -2018.

 

 

Let’s take a look at what steps can be taken for employees’ cybersecurity in the case of remote desk/working:

 

 

1. Provide access to device and data as per employee’s requirements:

 

Devices should be provided to employees of the company based on their assigned tasks.

 

For example, those who work in the sales team can use smartphones with GPS trackers, but those who work in call centers do not need an official smartphone, and a desktop computer may be enough for a front desk employee.

 

“Role-Based Access Control” model can be used for data access.

 

By using this model it is possible to increase information security by controlling employees’ access to sensitive information in the organization.

 

2. Using passcode and password on the devices supplied by the company:

 

Passwords and passwords must be controlled on devices provided by the organization.

 

If this small security is not guaranteed, then there is the possibility of plagiarizing large data.

 

When a company’s unprotected device is lost or stolen, there is a risk that the company’s confidential and important information is easily exposed to outsiders.

 

Password encryption as well as data encryption tools should be used to enhance the security of the information stored on the company’s device.

 

 

2. Use of Single Sign On (SSO) and Two-Factor Authentication (Two FA) in various company services:

Single Sign-On (SSO) solution can be used in applications used by the company for data protection, there are two benefits to using it.

 

 

Firstly, the employee does not have to remember the password for each application separately, secondly because the Two-Factor Authentication (TFA), the one-time password (OTP) on the mobile can be accessed to confirm the application.

 

 

Using these two features, it is possible to ensure sensitive data protection for the employee’s used device.

 

 

3. Install remote wiping on company-supplied devices

 

All of the methods we have discussed so far are about working if the company’s device is stolen or lost.

 

 

But if it is the case that any dishonest employee of the company wants to steal sensitive data of the company, which is known as an “Insider Threat”.

 

 

To reduce this type of throttle, software capable of remotely deleting data must be installed on the device supplied by the company.

 

 

4. Formulate and practice the “Bring Your Own Device (BYOD)” policy

 

 

If the “remote work” method is prevalent in the company, then there must be a BYOD policy which should be approved by the top management of the company. Subsequently, in compliance with those policies, employees will use official devices.

 

 

In addition, the Government of Bangladesh can follow the BYOD policy, which is contained in the Government of Bangladesh Information Security Manual (GOBISM).

 

By using the above methods it is possible to keep sensitive data of any organization, employee and company.

 

5. Formulate and practice the “Bring Your Own Device (BYOD)” policy

 

If the “remote work” method is prevalent in the company, then there must be a BYOD policy which should be approved by the top management of the company.

 

Subsequently, in compliance with those policies, employees will use official devices. In addition, the Government of Bangladesh can follow the BYOD policy, which is contained in the Government of Bangladesh Information Security Manual (GOBISM).

 

By using the above methods it is possible to keep sensitive data of any organization, employee and company.