With nearly 12 million people telecommuting full–time in the United States, time at the office has never been so flexible. Telecommuting, whether every day or occasionally, can offer you and your employees greater flexibility and increased productivity. But with this long distance arrangement comes increased security issues.
Small businesses across the U.S. — and around the world — are discovering the many benefits to telecommuting. Whether dialing into the office network from a desktop at home, or utilizing company applications from a hotel room across the country, remote access lets you take advantage of your business server's resources when you're not in the office. Some of the benefits of this mobility include:
- Reducing or eliminating lengthy commutes
- Gaining flexibility in work and home life
- Access to the network while away from the office
- Conserving energy and saving money on transportation
Reviewing the risks
Even though telecommuting can enhance the way you do business, accessing your network from a remote connection has inherent security risks. Some of these risks are similar to vulnerabilities that exist in any small business network, whether it's accessed on the road or under the company's roof. But some of these vulnerabilities can be more easily exploited when you add the factors existing in telecommuting. A remote connection tends to be a weaker link because security measures are usually focused on the in–house network, not personal laptops and off–site desktops.
Here are some telecommuting scenarios and the risks associated with them:
- Your login and password can be stolen during transmission on an insecure connection.
- If you are computing at a conference or other public area, eavesdroppers may be able to see your login, password, or other sensitive information.
- If the remote computer is located at home, children, household members, or visitors can accidentally corrupt files or download malicious code, compromising computer security.
- If the laptop you are using is stolen, the thief could potentially gain access to the network.
Protect the connection
Whether you have full–time telecommuters or only occasional on–the–road workers, there are a number of tools you can employ to protect the connection between remote computers and your small business network. You can combine several of them to offer more secure communication.
Implement a security policy. A security policy outlines the safest practices and required security measures for your business. A telecommuting security policy will augment your in–house security policy, and it should also follow the same standards.
Use Norton Internet Security™. Norton Internet Security™ is a complete suite of security solutions that work together seamlessly to protect your home computer, your small business server, and the connection between them. Norton Internet Security includes Norton Personal Firewall™, to protect against hackers and keep sensitive information safe; Norton AntiVirus™, to keep out viruses and malicious code; and Norton Privacy Control™, to prevent personal data from being sent online to unsecured Web sites without your knowledge.
Assign tokens. Security tokens are a popular way of providing remote protection among businesses that allow telecommuting. A token is a small card that constantly generates and displays random, single–use passwords generally valid for 60 seconds. The token at the remote site is synchronized with the in–house network to provide a more secure login.
Encrypt sensitive data. Encryption disguises the data so it cannot be read in transmission. This is one the strongest lines of defense when exchanging information online. This method of incoherently scrambling information varies in strengths, but the industry standard is currently 128–bit encryption.
Limit number of connections. When configuring remote access, only one connection to the network per user ID should be allowed. Multiple logins could signal a hacker or other intruder, and an attempt should raise an alarm on your network intrusion detection.
Dispose of data safely. Be sure that different forms of sensitive data, including printouts, faxes, removable storage, and digital files are properly disposed of at remote sites. Confidential records can be stolen from the trash or end up in the wrong hands by another method.
If your small business is part of the growing family of telecommuters, feel good knowing you could be on your way to increased productivity and a flexible schedule. But also remember the dangers of connecting to the network remotely, and be sure to protect both your home computer and your business server.
Copyright Symantec™ 2002
