With many companies and organizations embracing remote working strategies for the near and long-term, there are many security considerations that go beyond the usual cybersecurity tips.

Mike Schiller, Supervisor of Audit and Accounting Services at Gorfine, Schiller & Gardyn (GSG) discusses often overlooked security measures employees should be taking while working from home.

Q: What are some of the security vulnerabilities that can come from working at home?

A: When people are working from home, the first vulnerability they think of is their computer. A computer is certainly vulnerable, but there are other factors that don't get considered, such as having hard copies of documents in your private home that you normally would only have in your secure office.

This opens up the availability for other people in your household to see that information. For instance, friendly visitors have access to those documents, or even in the unfortunate event of a robbery, thieves will all of a sudden have access to business information in your personal home that would normally be in an office.

Q: There’s a lot of information about using VPNs and other cybersecurity tips for keeping information secure electronically, but there are a tremendous amount of vulnerabilities that can happen just from the home office with hardcopies. What can companies do to ensure that their employees are keeping their home offices more secure?

A: It’s important for companies to identify that hard copy documents are a vulnerability and to create policies such as making sure you only keep those hardcopy documents as needed at your home. Once these document are no longer needed, they should be taken to the office to a shredder. Also, when possible, try to scan those documents so that you can access them digitally instead of needing a hard copy.

Q: Aside from protecting access to business documents, is there anything else people now working from home should always think to do for a secure environment?

A: It’s incredibly important to lock your office when you’re no longer there. People feel more secure when they're at home, but they really need to treat their workspace as they would in an office environment. Whenever a home office is vacant, it needs to be secure. You never know who can come in or out of the home at the wrong time and view proprietary information.

Q: What can companies do to ensure their employees are using the right cybersecurity practices?

A: Certainly having networks with VPN and making sure employees are setting up their home networks properly with security will help. Companies should also identify which specific computers are being used to access office information. There are employees who have work computers that they're able to take home and access office data. Other employees are accessing from a personal computer at their home.

If you're using a personal computer, who else in the household has access to that computer? Are you properly logging out before your spouse, children, or visitors use that computer? These are all key concerns companies should be considering to create new policies to address today’s remote work environment.

Q: What types of services does GSG offer in this area?

A: GSG offers tax, audit, small business consulting, and as a Certified Fraud Examiner, we offer forensic examinations and fraud investigations as well.

About the Author:

Mike Schiller, CPA and CFE, is a Supervisor of Audit and Accounting at GSG. His experience includes work in the areas of audits, reviews, and compilations for nonprofit organizations, small and medium size businesses and employee benefit plans. For more information, click here.