Require employees and vendors to use secure connections when connecting remotely to your network.
They should:
- Use a router with WPA2 or WPA3 encryption when connecting from their homes.
- Encryption protects information sent over a network so that outsiders can’t read it.
- WPA2 and WPA3 are the only encryption standards that will protect information sent
- over a wireless network.
- Only use public Wi-Fi when also using a virtual private network (VPN) to encrypt
- traffic between their computers and the internet. Public Wi-Fi does not provide a
- secure internet connection on its own. Your employees can get a personal VPN
- account from a VPN service provider, or you may want to hire a vendor to create an
- enterprise VPN for all employees to use.
WHAT TO DO TO MAINTAIN SECURITY
- Include information on secure remote access in regular training and new staff orientations.
- Have policies covering basic cybersecurity, give copies to your employees, and explain the importance of following them.
- Before letting any device — whether at an employee’s home or on a vendor’s network — connect to your network, make sure it meets your network’s security requirements.
- Tell your staff about the risks of public Wi-Fi.
Train your staff
Give your staff tools that will help maintain security:
• Require employees to use unique, complex network passwords and avoid unattended, open workstations.
• Require multi-factor authentication to access areas of your network that have sensitive information. This requires additional steps beyond logging in with a password — like a temporary code on a smartphone or a key that’s inserted into a computer.
• If you offer Wi-Fi on your business premises for guests and customers, make sure it’s separate from and not connected to your business network.
• Consider creating a VPN for employees to use when connecting remotely to the business network.
•Include provisions for security in your vendor contracts, especially if the vendor will be connecting remotely to your network.