Being able to access the office while on the road can provide increased productivity and flexibility. However, it is important to ensure your equipment and connection is secure so that your network is not vulnerable or your sensitive business information exposed.
Remote access can create a number of security risks for your otherwise secure network. When you open up your network to connections from an external source you increase the risk that this connection can be used by a third party to access your network or that business information can be intercepted.
You need to ensure that you secure access so that only legitimate users can access your network and that you encrypt data to prevent theft.
Securing remote access requires a degree of technical knowledge. If remote access is an important part of your business, and you transmit sensitive business information, it may be worthwhile to invest in specialist advice from a computer expert.
Top tips
- Seek expert advice. Securing your remote access requires a degree of technical knowledge so seek expert advice from a computer professional if needed.
- Install up-to-date security software (firewall, antivirus and anti-spyware) on remote devices. Ensure that your network is also secure and security software is also up-to-date.
- Make sure that staff using laptops do not set their computer to log-in automatically. Make sure that they don't store their password on their laptop.
- Delete staff remote access privileges once they are not needed. For example, don't let someone who has left the company retain access to your network.
On this page
- Secure your network
- Secure your remote access
- Secure your information
- Monitoring
Secure your network
- Ensure that you have a secure network, including an effective firewall and security software installed to keep out unwanted connections.
- Ensure installation of remote access clients and other software is restricted to a staff responsible for network security. They will control which programs are used and ensure they are installed correctly.
- If you allow staff to connect using personal equipment, including personal home computers, ensure they have up-to-date security software installed.
Secure your remote access
Before you implement remote access for your business you may want to conduct a risk assessment. Identify risks and the controls needed to reduce risks to an acceptable level. You may also assess risk for individual staff, that takes into account their specific circumstances including where they will use the access (home or traveling, from a work or home PC) and if any one else will be use the computer (including family members).
- Restrict access to the minimum services and functions necessary for staff to carry out their role.
- Ensure that all staff use strong passwords on their mobile devices.
- Make sure that staff using laptops do not set their computer to log-in automatically and that they don't store their password on their laptop.
- Use strong authentication that requires both a password and a token-based authentication.
- Delete staff remote access privileges once they are not needed. For example, don't let someone who has left the company retain access to your network.
- Ensure staff return all relevant equipment on termination of the connection.
Secure your information
In order to protect sensitive information you may choose to restrict the type of data that can be accessed remotely. You should use Virtual Private Network (VPN) software which provides a high level of encryption to access your network remotely.
Monitoring
Review firewall and other server logs to monitor remote access. Watch for unusual activity.
