The topic of remote working comes up quite often from individuals and a few of our customers. The pros of remote working may be that you spend less time on the daily commute and have lots of change left over from not buying the tickets. The cons may be that your use of your utilities (e.g. electricity) goes up and you are stuck limited to the designated working environment.
If you are working for longer periods remotely or due to a pandemic, then your company may carry out a risk assessment (for a team of five or more) under the Management of Health and Safety at Work Regulations 1999 in order to prevent harm including work-related mental health, hazards or noise. If you are spending a long time using display screen equipment then you may need to take adequate breaks.
By assessing the risk around you this gives you the opportunity to put controls in place. This assessment will see if there is contact with other team members, someone you can reach out to when you are stuck or if you interact with the team.
For those who are not working remotely, a risk assessment may be carried out in the office to see if a reported case causes further impact on others around them. For example, a company may decide to clear certain floors or have surfaces cleaned.
Remote Working Policy
The reference to a remote working policy often comes up when you are not regularly in the office. Does your business have a remote working policy? If yes, then the first port of call is to see if you can locate the latest version. In the absence of such a policy, it is important to have one for your business if individuals work away frequently from the office or are away from the office for longer periods due to things like an epidemic.
Things which you may want to include in a remote access policy should outline the risk, the equipment it applies to, individuals responsibilities, the tools to protect unauthorised access and the level of access given to individuals in line with the access policy.
Login with Your Equipment
Whilst you are based in the office you are in the secure office network and working remotely should also be secure. There may be restrictions on using public wi-fi. Log into the business with your usual username and password and system will then grant you access.
Before it can do this the system with either authenticate on the active directory controller or through token to give or reject access.
Your business may also use secure remote access token as two-factor authentications using a fob as part of the login before you are given or rejected access. This is simply to manage the identity of the user accessing the system.
This request will most likely go over a secure virtual private network tunnel creating a private network.
Bring Your Own Device (BOYD)
There will be times that individuals in the business may install, for example, an email application to access the business email remotely on their mobile device. Where the business has not provided a device to an individual, any usage on a personal individual’s device may be subject to BOYD policy.
Does your business have a bring your own device (BOYD) policy? If yes, then locate this and see what this allows you to do. In the absence of such a policy, it is important to have one for your business. Bear in mind that you could end up supporting a wide number of devices with no standard software builds you probably want to reduce your support and security risks as a business.
If you were downloading software on your BOYD laptop for their 5-year-old to do their schoolwork thinking it is safe then you manually override the security software warning and use the software. Next time you switch on, you can’t use the machine as the screen flicks continuously. This is likely to end up with a rebuild. This can cause delays and you losing any work. Having the latest updated version of the security software will save you a lot of headache in the long run and avoid downloading software even if recommended which shows warning signs.
You may continue to get some unusual emails in your inbox and so on if there is a file attachment which does not have a sender, it is from another source which you are not aware of then be cautious about opening such email.
In the office whilst you may be able to print using a secure login and shred restricted documents, it may not be the same in the remote working environment. You want to protect the restricted documents on wi-fi access printers and from someone just mistakenly taking it away. You may keep hold of paper print out of restricted documents and dispose of them securely when you are back in the office or shred at home if allowed in your business policy.
Conference Call Applications
The default version of a conference call application (e.g. MS-Lync, Zoom) provided by your business is going to be one to use as part of a standard build. The appropriate level of encryption (end to end encryption) should be adopted on these applications even where free unsubscribed accounts are used. It’s also flexible if the same application allows you to chat with your team members and show or view documents in a secure environment. Ensure that any privileges are set up or approved internally allowing you to do this. There is nothing more frustrating when you have to attend a meeting but can’t view or show a document with the rest of the team.Want to Find Out More?