Serving Colorado's Counties

Technical Update 46 - Data Security for Telecommuters

September 8, 2020

The COVID-19 Pandemic forced many businesses and organizations to embrace telecommuting almost overnight. While telecommuting was a popular benefit with employees and employers alike before the pandemic, the rapid move to telework has led to some challenges. One of which is maintaining the security and integrity of company data and networks with so many workers logging in remotely.

Increased Risks

There are three ways telecommuting employees expose data and networks to risk.

  1. Open Wi-Fi Networks – Employees who telecommute may think nothing of logging into an unsecured Wi-Fi network on their company-issued phone or laptop; however, hackers often target these networks with keylogging software and malware. Once compromised, the telecommuters’ device can then infect your entire network.
  2. Non-authorized users – Once a company device has left the office, the company has no control over who has access to it. Risks range from device theft to use by a family member who accidentally or unknowingly erases essential information.
  3. Altering/Not Updating Security Settings – Security software (e.g., antivirus, antimalware) installed on company equipment needs to be up-to-date and frequently used to be effective. Remote devices may have outdated virus/malware definitions, or the user may have altered security settings to bypass company firewalls on restricted sites. Either of these things can create a hole in network security that can be easily exploited by hackers.

Protect Data

While telecommuting does pose security threats, there are steps you can take to mitigate them.

  1. Acceptable use policies – Draft a policy that covers where company-issued equipment can be used and that restricts device access to only the employee. Make sure the terms of the policy are known and acknowledged before an employee begins telecommuting.
  2. Encrypt data – Set up a virtual private network (VPN), which allows data and internet traffic to be encrypted. It also lets you limit which parts of the network remote employees can access. Also consider encrypting and routinely backing up all data on remote devices in case the device is lost or stolen. Commercial encryption software is available from numerous vendors.
  3. Automate security – Whenever possible, make security automatic. For instance, set antivirus/antimalware software to update and scan automatically. Also, require all employees to have a strong alphanumeric password that expires at regular intervals. Limit the ability to change security and firewall settings on company-issued machines to administrative access only.

What this Means to Counties

As employees have exchanged the business office for the home office in record numbers this year, it is vital to beware of the security risks that come with telecommuting. Educating yourselves and your employees is the most important step in creating a secure network. For more information, please contact CTSI’s at 303 861 0507.

A PDF of this Technical Update is available here.

News & Updates

Technical Update 56 - Winter Driving: Preparing Your Vehicle

Winter in Colorado often brings icy conditions, snow, and slick roads. While it is always best to stay home when road conditions are poor, winter driving is necessary for many Coloradans. Ensuring that your vehicle is properly prepared for winter before poor road conditions set in can help prevent accidents. AAA recommends that drivers have […]

Read More
Technical Update 55 - Accident Investigations

Should a workplace accident occur involving employees, property damage, subcontractors, or the general public, the county should conduct an accident investigation to find the accident’s root cause and implement corrective measures to prevent future accidents. According to the CTSI Loss Prevention Manual : A good investigation identifies the root cause(s) and allows the supervisor to […]

Read More
Technical Update 54 - FSAs, HRAs, and HSAs

Flexible Spending Accounts (FSAs), Health Reimbursement Accounts (HRAs), and Health Savings Accounts (HSAs) are tax-advantaged accounts used to pay for certain qualified medical expenses such as co-pays, prescriptions, dental, and vision costs. Employers can offer any or all of these accounts as a benefit to offset healthcare costs. These accounts use pre-tax dollars and must […]

Read More
Newly Elected Officials Seminar
Read More
Technical Update 53 - No Campaigning on the Job

A February 2020 Gartner survey on politics found that 78% of workers discuss politics at work. Thirty-one percent of employees surveyed said that these discussions were stressful and frustrating, while 36% reported avoiding talking to or working with specific co-workers because of their political views. Politics can be a divisive subject, and it is best avoided […]

Read More