AM Exclusive Technicity Newsletter Issue 6 | Page 3

THINGS YOU SHOULD BE DOING TO
PROTECT EMPLOYEE-OWNED PCS
4WHILE EMPLOYEES WORK FROM HOME
When employees use
devices outside your
network to access
company data, there
is an inherent security
risk. You do not have the same
controls in place on their home PCs
as you do for their PCs in the office.
Before COVID-19, when you had a
handful of employees working from
home for only a handful of days
using PCs that they owned, you did
not have to worry as much. Now that
most, if not all, of your employees
are working from home the entire
day, you can no longer ignore the
risk.
Cybercriminals know there are a
lot of vulnerable PCs out there
accessing sensitive information
they can exploit, so they are out in
full force. If any of your employees’
personal computers get hacked, your
business assets are at risk.
The following protocols should be in
place for all your employees’ PCs to
protect your business data:
1) SECURE ACCESS THEIR OFFICE
PC.
LogMeIn, GoToMyPC, and the like
without any oversight is not secure.
For a higher level of protection, you’ll
want to provide access via a VPN
with multifactor authentication.
Imagine your office network as
a physical building. When your
employees connect from their home
PC, it is like they are walking into
your building. When you add a VPN,
it acts as a key for them to open the
door to your office and as a security
guard that ensures no one follows
them into the building.
2) ENSURE THE LATEST SECURITY
PATCHES ARE INSTALLED.
Hackers are continually coming up
with new, inventive ways to get
around security systems. And the
“good guys” are regularly coming out
with new protections (aka security
patches) to thwart these attacks.
Relying on your employees to click
“yes” when their systems prompt
them to install security patches is not
reliable. And any of your employees
using a Windows 7 computer
or earlier? They are completely
unprotected as Windows is no
longer providing updates for these
operating systems.
3) BLOCK MALICIOUS WEBSITES.
There are websites that can be
recognized as scams, hacking,
and Web Proxies that have high
incidences of malware that can be
blocked with software. One thing
malware can do is secretly collect
information stored in web browsers,
accessing saved user IDs and
passwords. Even if you are providing
employees with VPN access into
their office PCs, this does not
prevent them from accessing webbased
tools from their home PCs (i.e.,
ADP payroll or QuickBooks online).
You leave yourself vulnerable to
these critical passwords being stolen
and exploited if your employee clicks
on something accidentally that brings
them to a malicious website that isn’t
blocked.
4) GOOD ANTIVIRUS & ANTI-
MALWARE SOFTWARE.
You can’t rely on the antivirus and
anti-malware tools that come with
computers (i.e., Windows Defender).
While these tools provide some level
of protection, they are by no means
all-encompassing and can fail in
the full protection of web browsing
activities and malicious links. And if a
PC does get a virus and the software
cleans it up, you cannot entirely
rely on it to completely clear it. A
best practice is to follow up with
additional scans.
We’ve developed an Employee
Home PC Protection Plan as a
supplement to our Managed IT
Contracts to take care of all of
the above and more. For more
information, visit amexclusive.com/
employee-protection.