May 5, 2020

Remote Security Checklist For SMBs

While rushing to roll out remote work capabilities, many small to medium-sized businesses (SMBs) overlook vital security considerations. Now that working remotely has become the norm, users lose the protections of company firewalls, making IT security more critical than ever before.

The checklist below can act as a guide for SMBs to reevaluate remote readiness and prompts strategic decision making to ensure the integrity of company data, allowing staff to focus on production:

Communicate About Company Connectivity

  • Enable cloud-based solutions for corporate communication, version control, and data backup. Consider saving documents to a backed-up location like the company server, cloud server or cloud sync application to avoid data loss.
  • Consider hardwiring work devices into home modems, which can offer a more stable internet connection than WiFi. If working in practical proximity to a router and LAN connection port on the computer, connecting to the modem/router with a LAN cable can remove interference/signal drain as WiFi is shared among most home devices (Phones, OTT TV’s, Tablets, and more).

Secure Tech Systems with Tools & Staff Training

  • Connecting company devices to outside internet networks can create attack paths for security threats. Installing endpoint protection on remote devices can protect a company’s computer network.
  • Consider enabling multi-factor authentication (MFA) or security products for critical apps or email.
  • Install a web security app to prevent users from visiting malicious sites.
  • Conduct employee training on remote policies and best practices with the following basic security knowledge:
  • Beware of phishing emails, avoid using public WiFi, ensure home routers are secured (with complex passwords) and verify the security of devices that are used remotely.
  • Make sure work devices are shut down/locked and password protected when in a public setting and/or not in use.
  • Audit passwords to ensure they are complex and manage passwords with a tool like LastPass.

Account for Assets Accordingly

  • Take inventory of remote IT assets to prevent hardware “leakage.”
  • Avoid allowing remote access from personal PCs into business networks via VPN or Remote Desktop.
  • Enable conditional server access to restrict users’ access to the least privilege necessary.
  • Create a remote work and data protection policy for employees to sign.
  • Consider consistent security patch/update processes and reporting to ensure PCs are being maintained while operating remotely.

For help assessing the security and efficiency of your business technology, please contact Connecting Point at 970-356-7224.

Related Content