Having your elite team of SuccessFactors and Workday contractors all over the world may be the best way of pooling exceptional talent but remote working has its pitfalls too. You may have dedicated, hardworking consultants but if their systems are not up to scratch or their attention to detail in security matters is lacking, you could end up with a data security disaster. This is our guide to the key considerations regarding data security for remote workers;
Inform & train employees on data security
You can’t expect everyone to comply with your data security protocols if they don’t know about them. Companies have different systems and if you’re taking on remote contractors they may have experienced very different security policies. If you’re really going to take security seriously providing an emailed policy with a check box to confirm they’ve read it won’t cut the mustard. When hiring you need to ensure that security is a priority with contractors – they need to demonstrate a genuine and thorough understanding of what is standard and what is expected by your company.
E-learning for remote workers is becoming standard now and can be an effective way of instilling best practices. Essentially, it’s the hirer’s problem if a security breach happens so it’s also your responsibility to minimise the chances of it happening.
Other software and files
Most remote workers use their own hardware and what they keep on there is their business, but it’s not, of course, if it interferes with company data. Many companies provide a list of approved apps but it’s difficult to police and also even the most popular, mainstream apps have sometimes been known to open security issues. An approved app list is a good starting point. For remote employees, company hardware is essential but for contractors, it’s more difficult.
A good contractor normally has a ‘clean’ computer for work and a separate personal computer. Ask what firewalls, encryption and preventative software they have in place. It’s good to make sure you understand exactly how the contractor is working so that your IT staff can provide a specific audit on the contractor’s hardware and software.
Secure networks & secure devices
Ensure contractors are not dealing with sensitive data on public wi-fi networks. Depending on the nature of the work it might suit you to prohibit working from public wi-fi altogether – many companies do. Ideally, you’ll want workers to use a VPN (Virtual Private Network) but on the other hand, if you have any doubts about their security skills you may want them to remain off the main network.
Finally, remember the real danger of loss and theft of devices. It’s not just a case of them selling the devices, cybercriminals know the value of what you have stored on them and one lost device should be taken very seriously. Strong password hygiene can at least delay the fallout.