A "remote" reminder
13.05.2021Back to blog list
What should be done to ensure better employee experience from security viewpoint
Configure connection to internal services via VPN using two-factor authentication
Make sure that all the services are available outside the office and assess Internet and backup communication channel bandwidth
Install service performance monitoring system. Software is needed for prompt notifying of specialists responsible for risk mitigation of problems in services operating
If an employee works from home on a private PC, you should control operating system and software update installation, antivirus software package proper functioning, conduct malware and virus scan, configure access to terminal servers, provide two-factor authentication.
In case an employee works on a corporate PC – deny employee access to corporate laptop BIOS so that it couldn't boot the operating system from a flash drive, enable drive encryption (Windows BitLocker or similar) on the laptops taken outside the office and configure backup to the corporate cloud.
If your company has a time-tracking or performance evaluation solution installed then it is important to adjust the settings properly:
- Decide on which specialists should be monitored
- Make sure all the holidays, days off, lunch time are considered by the solution as well as working extra hours is detected
- A specified interval can be set to check user activity, for example, 10 minutes of user passiveness can be put as acceptable
When disorderly time during web surfing becomes an issue, the problem can be solved by adding some websites into a category and get alerted any time someone opens a forbidden website during work. Each category can have a productivity coefficient, thus if, for example, a PR manager needs to work with social media a lot, the time spent on social networks will be productive and not wasted.
The same goes about processes – the needed processes can be picked from the list and have the corporate ones added to them, and after productivity rules should be set for usergroups.
During remote work employees use cloud services even more often than usual for corporate documents exchange which poses extra risks. All the data which gets stored in the cloud can be monitored – incoming and outgoing information served by the popular cloud solutions as well as files transferred via RDP such as TeamViewer, RAdmin, RealVNC, LiteManager.