More people are working from home than ever, and that’s a reality that’s unlikely to change. Even before the pandemic, your employees were likely using phones and tablets to work on the go. Unfortunately, each of those devices has unique security vulnerabilities. How does your organization’s remote device security stack up?
Recommended Firm-Wide Remote Device Security Policies
Security is only reliable when its users follow best practices. We recommend setting and enforcing the following remote device policies at the user level.
- Make sure your employees aren't sharing their work devices with family, friends or other third parties. While family and friends may not be likely to steal company info, they could install third-party apps or change settings that could compromise security.
- Make sure employees keep work devices separate from home devices. In other words, only do work-related tasks on work devices and only do personal tasks on personal devices. While it might seem frustrating to switch back and forth, it’s critical for protecting your organization’s data and networks, as well as your employee’s personal information.
- Keep automatic timeouts short. While it might be frustrating to have to keep entering your password or biometric data, this prevents bad actors from accessing company information if you leave it sitting idle.
- Back up devices regularly. That way, if the device is lost or stolen, it can be wiped with minimal losses.
- Enable remote lock or wipe capabilities if lost or stolen. Encourage employees to promptly report lost or stolen devices so that appropriate actions can be taken.
- Educate employees on using a password manager. A password manager is a good security measure for home and work, allowing you to have strong, unique passwords for all your logins. Remind employees not to use the same password for home and work devices.
- Educate employees on social engineering. Phishing attacks aren’t just emails with poor spelling and grammar anymore. Phishing is getting more sophisticated. Remind employees to double-check sender email addresses, and if they receive a request for information that’s outside the norm, confirm it with a phone call.
- Keep work devices up to date. While software updates can be time-consuming, they’re essential to device security.
- Keep devices password protected. A long, unique password is best.
- Consider going a step further and using multi-factor authentication at the software level, and perhaps at the device level as well.
How Duo Helps
Cisco Duo offers a zero-trust security platform with adaptive policies that make device security easy, reliable and user-friendly.
- Multi-factor authentication: 81% of hacks involve a stolen or a weak password. Multi-factor authentication distributes the security burden that previously fell squarely on passwords’ shoulders, making the password one factor in a multi-factor security setup. Duo enables seamless multi-factor authentication on remote devices.
- Device visibility: Get the information you need about all company devices, including their risk level, access policies, general health and more.
- Flexible & granular policies: You can authenticate at the user, device and application level for adaptable security.
- Secure single sign-on: Make the experience seamless for users with a secure single sign-on that gives them access to everything they need.
Reduce Remote Security Risk
Clearpath works with clients around the globe to boost their security and improve their infrastructure. We offer objective advice and solutions tailored to your organizational needs.
Ready to learn more about how to reduce remote security risks? Download our guide, “Reduce Remote Security Risk With a 4-Pronged Security Approach: Identity, Device, Access & Activity” to learn more.