Key Podcast Highlights
What Are 5 Steps to Secure Your Remote Workers?
- Make sure your workers have a secure router with a complex password. Divide up routers between business and personal use.
- Subscribe to a corporate password vault, like LastPass or Keeper.
- Have patch management tools, where users are upgrading their operating systems.
- Set up a virtual private network or VPN. This encrypts data backwards and forwards and prevents people from seeing information.
- Train your employees about security. Work with an IT firm that can not only help secure your firm but also provide training to your remote workers.
The views and opinions expressed on this podcast are for informational purposes only, and solely those of the podcast participants, contributors, and guests, and do not constitute an endorsement by or necessarily represent the views of The Hartford or its affiliates.
You’re listening to the Small Biz Ahead podcast, brought to you by The Hartford.
This podcast is brought to you by The Hartford. When the unexpected strikes, The Hartford strikes back for over 1 million small business customers with property, liability, and workers compensation insurance. Check out The Hartford’s small business insurance at TheHartford.com.
Hey everybody, this is Gene Marks, and welcome to another episode of the Hartford Small Biz Ahead podcast. Thank you so much for joining me this week. I don’t know if you guys know this or not about me, but I am a CPA. I’m not a very good CPA. I don’t do taxes anymore. For me, if it was close enough, it’s good enough and that’s not what you want out of a CPA. But I do know enough about numbers that my firm provides financial consulting, but we also do a lot of technology consulting as well. And we help a lot of clients with their customer relationship management systems and work with other IT firms in the area. And a lot of times people ask me about securing their remote workers, their work from home workers, and that’s what I wanna talk about this week.
I’ve got five things you need to do to make sure that your remote or your work from home workers are secure. Because if they’re not secure and they get hacked and some malware gets into your network and your system, it could mean big, big trouble. And let’s face it, since so many more people are now working from home, that we have a lot more exposure towards security issues happening. So we really, really gotta make sure that we are on top of the game. Before we even get started on the five actions. I’m gonna have to warn you of something and embrace you for something it’s gonna cost. Okay? I mean, to keep the, one of the costs of having remote workers is investing in technology and resources, meaning IT people to help make sure that they are secure. People don’t talk about that very often, but it needs to be a consideration when you’re setting somebody up to work from home.
So, let’s talk about working from home. Action number one, make sure that your workers have got a good secure router. A lot of times workers have routers that they bought for their own home use. A lot of times, me included, we don’t even change the passwords that comes the factory set, which anybody can get off of the internet for the maker of that router. So it’s really important to make sure that you’ve got, a good secure router in place. Really, not only have a very complex password, but also you might wanna divide up your router between business and personal use, depending on where your employee is logging into, or even having a separate router. Hacking into somebody’s router just by parking outside of their home. It’s really more simple than you think. And once they’re in the router, they’re into their home network. And once they’re in the home network, they’re into your network as well. So you gotta button down the router security. That’s number one. Number two, obviously you have to enforce passwords. I recommend if you’re still using passwords, and by the way, that’s gonna change in the next couple years. That’s another topic for another day. But right now we’re all using passwords. Make sure that your company has subscribed to a corporate password vault. There are quite a few good ones that are out there. LastPass is one of ’em. Keeper is another one.
They’ve had some security issues themselves, so be careful and look into it. But when you have a password volt that you make available to all of your employees, they can then create complex passwords. Not 1, 2, 3, 4, 5, but they can use letters and symbols and uppercase and lowercase. Makes it a lot harder for hackers to get in. And then they don’t have to remember it because it’s in the vault and they can always access it from there. And then of course, whatever is logging into your network or any of your cloud-based applications, multi-factor authentication has to be set up. So when a user from their home is logging in, they’re actually getting a text message sent to them with a pin that they have to enter in, to give them access back into the system. So have a password vault and multifactor authentication. Number three, you need to have patch management.
The most important thing about patches is making sure that your users, your remote workers are upgrading their operating systems. Whether or not they’re using Windows or they’re using Apple, or they’re using Android, all of their devices that are accessing your network data has gotta be on the most recent operating systems. Why? Because the most recent operating systems have the most recent security installed in them. They don’t guarantee that a hacker can’t get in, but it just makes it a lot harder for those hackers. And you know what? They’ve got so many other opportunities for other people that aren’t doing this. They’re likely just to pass you by. So you gotta make sure that they’re running the most recent operating system and frankly, the most recent versions of all the software that they’re using as well, which is why you wanna consider getting a patch management tool.
Patch as in patching software, you upgrading software, making sure your softwares have got all the most recent patches with it. Now, somebody’s gotta monitor that, and I’ll get to that in a minute. Number four, make sure you’ve got a virtual private network set up or a VPN. There are plenty of great ones out there. Any IT person can easily set up your users. So when they’re working from home, they’re accessing your system through a VPN. What a VPN does is it encrypts data backwards and forwards. So if a user is at an airport or on a public wifi, or if they’re working from home and somebody’s trying to sneak in to see what they’re doing, well, whenever they’re putting in a username and password anywhere, including your systems, it’s encrypted. Nobody can see it, nobody can get to that information.
That’s go, it’s going back and forth encrypted. So it’s very important to have a virtual private network. Finally, your users need training. The biggest reason why companies get hacked is because of a mistake made by users. That’s you and me, by the way because we’re all making those mistakes. I strongly recommend that you have a good IT firm that can not only do that patch management and check out your router and set up your password vaults and set up that VPN. But a good IT firm should be providing training for your remote users to identify any types of malicious software, phishing emails, weird messages, strange requests…
Things like that. Training is important. There are a lot of really good software products that are out there as well that will try and spoof your workers, for training purposes. They’re doing off the latest sort of spam and solicitation and phishing emails out there to try and fool your workers into clicking onto something so that we learn, what not to do. Training is really important. Your workers should be trained at least quarterly on the most recent threats and what to do and what to look for. Not a big expensive time, but something I think that’s really critical. So let’s recap. We got a lot of workers working from home. I get it. If you’re gonna have a worker working from home, you’re gonna have to pay a little bit more because a cost of somebody working from home is you gotta make sure they’re secure.
If you don’t make that investment and somebody gets into your system or drops some malware or ransomware on your network, you could be shut down for a while. So you have to make that investment. Upgrade your workers routers, that’s number one. Number two, have a password vault like a Keeper or a LastPass, for example. Make sure that everybody is upgrading their operating systems when asked and have other patch management done to all the applications. Install a virtual private network to encrypt any data going back and forth. And finally, make sure your workers are trained to do all of that. You’re probably gonna have to invest in an IT firm to help you. I mean, that’s just what you’re gonna need to do. But welcome to doing business in 2023. So I recommend reaching out, getting some referrals or recommendations of a good local IT firm in your area that can help you get all of this stuff set up and make sure that your remote workers are as secure as possible.
That’s my advice for you. Those are the five actions you need to take to make sure your workers are as secure as possible when they’re working remotely or working from home. My name is Gene Marks, and you have been listening to The Hartford Small Biz Ahead podcast. If you need any advice or tips or help in running your business, please visit us SmallBizAhead.com or SBA.TheHartford.com. Thank you so much for listening. Hope you got a little bit of value outta this. We will see you again next week with another tip to help you run your business. Take care.
Download Our Free eBooks
- Ultimate Guide to Business Credit Cards: The Small Business Owner’s Handbook
- How to Keep Customers Coming Back for More—Customer Retention Strategies
- How to Safeguard Your Small Business From Data Breaches
- 21 Days to Be a More Productive Small Business Owner
- Opportunity Knocks: How to Find—and Pursue—a Business Idea That’s Right for You
- 99 New Small Business Ideas