There are a lot of security guides that go way over the top. The issue is that with more security, there will always be more employee time lost. Many people get paranoid when thinking about these issues and start implementing time consuming rules using complex authentication systems. If you follow a simple and basic security workflow, even if you are working on something really important, you make it hard for anyone who wants your data. For sure there are those business, government, and military personnel who really can’t work from anywhere else but in a secure office because their work is important for the security of millions of people.
1. Use generated passwords.
Use a tool such as 1Password or passwordBox and let it generate the passwords for you. It’s simply impossible to remember dozens of really secure password combinations. This makes it so that you only need to remember one, and the rest are remembered for you.
These tools can also improve your work in numerous other ways. If you’re working in a company that has a large amount of passwords, a great way to keep track of them is to make a company wide “vault” of passwords that you share by using one of the file sharing methods such as Dropbox or Google Drive. Basically it works in a way that if a person adds a company password, everyone with access to that vault has the password straight away on their computer.
Most businesses don’t need and should not strive for military grade security.
2. Use Sleep passwords
If your device doesn’t get touched in five minutes, set it to have an automatic password. And please use a relatively hard one to crack. This is the simplest way you can prevent outsiders from getting access to your data. This may be even very important ordinary office settings when you’re going lunch and leaving your laptop on the table.
3. Data encryption of hard drives
Encrypt your data on your devices. If your device gets stolen, it takes much more effort to get access to your data that is on the hard drive, and you can safely leave your device in places that it should not be in. If you’re a Mac user, setting up data encryption is laughably easy. Just go to your security settings, and enable it. That’s it. And most companies still miss these simple settings.
4. Set up a remote data wipe service for your mobile phone.
Nowadays everyone has a smartphone, make sure its secure. In many cases your smartphone contains all of the same emails, and some of the important data that your personal computer would. So to secure your mobile phone, setup a service that if you lose your phone, you will be able to do a “hard reset” on the phone from the service.
5. Use two-way authentication on emails
If someone gets access to your email, they can become you. Think about all of the passwords on the services you have that are online. What happens if you go to press “forgot password”? They only need your email to change your password in many situations. To cover your emails from being used, use a two-way authentication service. What it does is to simply send you an SMS each time you’re working from a different computer to verify that it’s actually you using the email. Most of the major email providers like Gmail and Outlook provide this service without any extra cost, and you should really be using it to secure your emails.
6. Just Realise that you will never be 100% secure when working remotely
If you’re really worried about security, or your clients need you to provide a high security focus, you need to consider can you actually do that. The steps above cover the basic securities. But if you’re going against the big guys in the world and need to hide your information from the NSA, working remotely is just not possible without taking huge precautions.
Cutting yourself off of the internet and physically bringing your work to your office is the only way you can actually be a 100% secure in today’s world. Just remember that 99% of companies have no need for securing their data from the NSA or any hacker groups.