Proton VPN のホームページ
ProtonVPN

Your remote workforce should be as digitally secure as any in-office workforce. Fortunately, the same tools that can enable you to operate a distributed workplace, like VPNs and collaboration software, can help you keep your data safe too.

In this article, we’ll cover eight steps you can easily take to secure your network — no matter where your employees are working.

  1. Offer reliable, secure hardware and software
  2. Require two-factor authentication
  3. Instruct your employees to change their home router password
  4. Select the right VPN
  5. Ensure VPN use
  6. Limit access to internal servers
  7. Encrypt group calls
  8. Protect employee text messaging

We’ve also included an employee checklist at the end of this article to help you guide your remote employees in securing their work.

What are the threats?

First, it’s important to understand what you’re securing your workplace from.

In most cases, you’re simply trying to protect your company from the common cybercriminals who target all of us online to steal personal data for financial gain. They may not actually be singling out your business, but their impact can be huge. Internet scams cost businesses and individuals a combined $10.3 billion(新しいウィンドウ) in 2022 in the US alone — and likely more, as cybercrime is underreported. 

These include all kinds of attacks, ranging from phishing(新しいウィンドウ) to ransomware(新しいウィンドウ). If a hacker steals your data and demands payment, you may decide you have no choice but to pay. Or if your customers’ personal data leaks onto the dark web, you could be subject to huge fines for violating data protection laws(新しいウィンドウ).

Secure your remote workforce

There are multiple ways to mitigate the risks. Many of these start with prioritizing security, both at a management level and in your employees’ habits. We address this in the checklist below. But apart from training and awareness, there are also technical safeguards you can put in place. Here are eight you can work toward right now.

1. Offer reliable, secure hardware and software

Businesses are responsible for their employees’ hardware and software, even when the devices are outside office walls. Employees may choose hardware and software that are ill-suited or not secure for their work if left on their own. While your employees are responsible for following security best practices, expecting them to assess software and hardware security is unfair and unlikely to lead to good results.

Have a security expert, ideally your IT support team, advise employees on what hardware they should choose, including laptops, printers, cellphones, external microphones for remote meetings, etc.

Also advise them on what basic software they need. This includes office suite software, internet browsers, and email clients.

2. Require two-factor authentication

Whether your employees work from home or the office, you should require two-factor authentication(新しいウィンドウ) (2FA) on all workplace accounts and encourage it on personal accounts. This adds an extra authentication layer when logging in, so even if an attacker steals someone’s username and password, they won’t be able to access the account. 

2FA should be enabled for email, VPN, chat apps, cloud storage, CRMs, and anywhere else your employees access your network. Typically you can require 2FA from your administrator settings.

3. Instruct your employees to change their home router password

Personal home routers usually come with a default password printed on the bottom. Many people never take the time to change these passwords, making their routers vulnerable to hacking. Make sure your employees change and save their router password, just like they would manage any passwords in the office (using the password manager(新しいウィンドウ) that you have provided them).

4. Select the right VPN 

As a company with a remote workforce, you need a high-quality VPN, or virtual private network. A VPN will protect your employees’ privacy and security no matter where they are connecting to the internet. We developed Proton VPN for Business(新しいウィンドウ) specifically to address the most critical security needs of small- and medium-sized businesses.

Here is what to keep in mind when selecting a VPN:

5. Ensure VPN Use

No matter how advanced your VPN is, if your employees struggle to use it or avoid using it, that VPN is not valuable. 

To ensure VPN use, enable the Always-on and kill switch features that your VPN provider should offer. The Always-on feature ensures your employee’s device always connects to the internet through the VPN server. If that secure connection is lost for any reason, the kill switch feature kicks in and stops traffic to keep your employee safe.

Another common reason remote workers avoid working through a VPN is that they get blocked from websites that interpret them as threats. Proton VPN’s alternative routing(新しいウィンドウ) technology allows your employees to bypass most firewalls and VPN blocking methods so they can go about their work unimpeded.

6. Limit access to internal servers

Even if you’re a small business, not all employees need access to all internal resources and databases. This kind of access can be especially dangerous if workers are remote. Set up your VPN to control access permissions.

As the admin of the VPN, you can assign an employee or group of employees to one or more dedicated VPN server IP addresses (also known as ‘gateways’) based on what you want them to have access to. Through this segmentation system, your company’s internal server(s) will recognize and allow access requests from the VPN servers you have configured for that permission, rejecting all requests from any other VPN or regular internet servers.

Beyond giving you flexible, granular control of access, this adds an additional layer of protection: Even if a bad actor obtains the username and password to an internal server resource, they will not be able to access it because their device will not be using the assigned VPN server.

7. Encrypt group calls

With remote work comes remote meetings. Make sure you are protecting those meetings.

Wire(新しいウィンドウ) is a group audio and video conference platform that utilizes zero-knowledge encryption similar to the model we use in Proton services. It can host up to 100 users in a meeting at the same time. It is independently audited and open source.

8. Protect employee text messages and emails

Remote employees are more likely to text and email each other than in-office employees are. As a business, you need to protect that remote work product too. 

Signal(新しいウィンドウ) is considered the most secure messaging app. It end-to-end encrypts one-on-one messages as well as group messages. It works on both Android and Apple phones, as well as Linux and Windows setups.

Proton Mail(新しいウィンドウ) is our email service and the largest end-to-end encrypted email provider in the world. It offers advanced features like expiring(新しいウィンドウ) and Password-protected Emails(新しいウィンドウ), encrypted search(新しいウィンドウ), and productivity features like snooze(新しいウィンドウ).

Remote employee security checklist

People are usually the weakest link in the security of any system, including your organization’s network. Phishing attacks are designed to take advantage of this fact. To mitigate this, we recommend regular security trainings and reminders.

Below is a security checklist you can share with your employees and modify to suit your workplace as needed.

Use your work device securely

  • Keep non-essential applications off your work device and secure it when not in use, even at home.
  • Lock your device screens with strong passwords any time you are not using them.
  • Report lost or compromised devices immediately to ensure sensitive data is secured.
  • Turn off Bluetooth if you’re not actively using it.

Data encryption

  • Encrypt the hard drives of your work devices to safeguard sensitive data.
  • Activate encryption systems on Android, iOS, macOS, and Windows devices and securely store the recovery codes.

Encrypted communications

  • Use Proton Mail for private and secure communication.
  • Set expiration dates for sensitive messages to enhance privacy.

Update your software

  • Keep all operating systems, programs, and applications up to date. New software versions often contain patches for security vulnerabilities.

Strong passwords

  • Use strong, unique passwords (at least 16 characters) for each account.
  • Utilize a reputable password manager for password management.

Two-factor authentication

Secure network access

  • Avoid sending sensitive information through unsafe external applications.
  • Connect to your work computer through a VPN with secure protocols for added security.

Secure home WiFi network

  • Change the default password on your home WiFi router to a strong, unique one.
  • Enable encryption, preferably WPA2, on your home WiFi to prevent unauthorized access.

VPN usage

  • Connect to your company’s VPN when accessing company resources.

Video conference security

  • Ensure no sensitive information is visible during video conferences or screen sharing.
  • Password-protect all conference calls to prevent unauthorized access.

Stay alert for social engineering and phishing attacks

  • Never click links, download attachments, or scan QR codes from unknown or unexpected senders.
  • Refrain from sharing screenshots of video conferences or sensitive information on social media.

関連記事

What is vanish mode on Instagram
en
  • プライバシーを深掘り
Instagram 's vanish mode allows you to send messages that disappear once they are read. It can be fun, but it is not secure.
Does Instagram show who viewed your profile?
en
Can you see who stalks your Instagram? Here's what to know and how to stay safe from Insta stalkers.
Change WiFi name
en
  • ハウツー
Change your WiFi SSID to take control over your network. We show you how.
What is my SSID?
en
  • ハウツー
In this article, we'll show you how to find the SSID of local networks on Windows, Mac, Linux, iOS, Android, and more devices.
How to avoid surveillance pricing
en
  • プライバシーを深掘り
Surveillance or personalized pricing means the price you see is not the same others see. It's based on how much algorithms think you're able (or willing) to pay.
How to disable UPnP on router
en
  • プライバシーを深掘り
What is UPnP, what is UPnP port forwarding, and should UPnP be on or off? We take an in-depth look at UPnP.