Teleworking Best Practices

There are a number of security factors that employers and employees should consider when teleworking. Secure Florida has developed some guidance to help you in addressing both digital and physical assets. 

Digital Security

• Use and regularly update firewalls and antivirus software. Firewalls prevent unauthorized information and users from accessing your network. Antivirus software will help to detect and remove any malicious content on your device. Keeping your firewall and antivirus updated will ensure that these programs know how to respond to new threats.
• Avoid using personal devices for work activities. Although some organizations allow the use of personal devices for work, this can present a number of risks for the organization. Using work-issued devices for telework can help reducing risk in a number of ways including:
  • ensuring that devices are all patched to address potential vulnerabilities,
  • reducing the number of devices with administrator-level accounts which could be used by malicious actors to make changes to organizational networks,
  • and reducing the potential for unauthorized individuals to access organizational information on devices.
• Be careful if using public Wi-Fi. When you connect to public Wi-Fi, anything you transmit can be seen by others. This includes usernames, passwords, account numbers, and confidential work information. Using a “secure” connection (such as HTTPS, SSL, or VPN) helps lessen this risk. When using your home Wi-Fi, take precautions to protect your network including using a strong Wi-Fi password.
• Report any issues to IT staff immediately. Inform IT personnel immediately if you experience changes in your work device. Some things to look out for include frequent error messages, a significant decrease in your device’s performance, and anti-virus software alerts to malware on your device. Additionally, you should contact your IT department immediately if you feel that you may have accidentally clicked a suspicious link or opened a malicious attachment.
• Ensure you are following your organization’s telework policies. Each organization may have their own policies regarding telework and information security. Consult with your organization for further information on policies and procedures.
• Remain informed of cyber threats. Cybersecurity training can help keep you informed of common cyber threats including malware attacks, phishing attempts, and business email compromises. Secure Florida offers a variety of Cybersecurity Training (secureflorida.org) options to help you recognize and respond to these threats

 
Physical Security

• Lock devices when not in use. Ensure devices are set to lock if you step away from them for a period of time to prevent others from accessing these devices. Don’t forget to set up strong passwords to unlock devices.
• Choose an appropriate work location. If your work activities involve the use of sensitive information, consider choosing a work location that prevents others from being able to see or hear work-related information. Screens and privacy filters can prevent information from being visible by others.
• Store your devices in secure locations. Avoid leaving your devices in your car or in easily accessible areas where someone may be able to take them. You may also want to avoid leaving your devices in areas where children and family members play and gather to prevent accidental damage to your device.