A recent Gallup survey reported that the average U.S. worker is now remotely working an average of two days per month, with 46% of telecommuters doing so during the workday. With the holiday schedule (and busy season) upon us, professionals may be working away from the office more often, but still need to focus on keeping their clients' data safe.
Bill Thompson, president of national risk management and insurance provider CPA Mutual, encouraged a smarter sense of remote work in a new release. As firms regularly handle sensitive client data, Thompson reminds professionals that "security can be compromised if a mobile device or a wifi network isn’t secure."
“Allowing your firm the flexibility and added benefit of remote work can be good for retention and recruitment, as well as productivity,” stated Thompson. “Consider all your firm’s options to protect client data in this new environment, whether it’s employee training, secure cloud technology, or supplemental liability coverage. Because rules may vary from state to state, it may be a good idea to consult with a local experienced attorney in your area.”
Thompson offers the following tips to reduce human error in remote work:
- Use a secure data portal to gather client information: Limit access to necessary personnel only and provide client-specific passwords and links.
- BYODP – bring your own device protection: If your firm allows employees to use their own devices for work – a laptop, tablet, smartphone – ensure that the device is secure with updated firewalls and anti-virus software.
- Review and enforce data security policies: Hackers often target “back-door” access points to gain entry to company servers. They include the wifi at your favorite café and the apps you use. Once they get into the mobile device, hackers can access sensitive emails and any open portals from that device. Employees should log off of portals and servers and change passwords frequently. Keep devices locked when not in use. At a minimum, employees should only log-on through a secure remote client or approved server.
Thompson also advises the following for protecting firm information while working remotely:
- Properly vet your cloud service: When selecting a cloud-based vendor, be prepared with questions about security and their contractual liability if your system is breached due to solution error or their personnel. Ideally, the vendor will carry some liability coverage for incidences involving a breach of client data security.
- Limit access: Who has the most need for the data? Often, access to sensitive financial, HR or client information is broader than it needs to be.
- Exiting employees: Have a process for shutting down access by former employees that extends to all programs, apps and devices as soon as possible. If former employees used a company-owned mobile device or smart phone, make sure the device is turned in or, if it isn’t, can be wiped remotely as a fail-safe option.
For more on CPA Mutual, head to their site here.