5 Golden Rules to Ensure Safe Remote Access in Your Business

Many companies are allowing telecommuting and installing remote access software as a way of attracting and retaining employees. Remote access tools allow employees to work from any computer connected to the Internet as if they were sitting right in front of their office computer. Productivity remains high, and employees can work from wherever they please - whether that is from home or their favorite café.

If remote access sounds attractive for your business, here are five golden rules that need to be followed to keep your business information safe when employees are accessing their office computers remotely:

1. Write a remote access policy - This needs to include not only the type of security expected of the chosen remote access tool, but also rules for accessing the office computer remotely. Then, this policy needs to be distributed to all of those who will have remote access rights. Make sure that all employees with this privilege know what is expected of them when connecting to their office computers remotely, and be prepared to enforce your own rules.

2. Choose a remote access tool with high safety standards -  It is important that you choose a remote access provider that offers end-to-end security, so that all of the data sent between the office computer and the remote computer remains completely safe. The most common security protocol is SSL/TLS, which is commonly used for e-commerce and online banking, and it can use different kinds of data encryption (such as 128-bit AES, for example). There are other kinds of security protocols currently available, so research what's on offer and choose a remote access provider that makes data safety their top priority.

3. Require employees to always log out of the tool - This should be on the remote access policy, and also needs to be reiterated on a regular basis. This is especially important if your employees will be connecting to their office computers from a public computer. Usually, remote access tools time-out after they haven’t been used for around 10 to 15 minutes. However, this could be enough time for sensitive information to be acquired from the office computer if a user forgets to log out after a remote session. This is why you should make it very clear that with remote access rights, comes the responsibility to always log out of the tool immediately after being done with it. If your employees need to take a break and work on the remote machine again, they still must log out when leaving the computer unattended, and log back in when they return. This simple rule will ensure that your office computers will never be left unattended during any point in a remote session.

4. Only grant remote access rights to those who need it - Not every employee in your organization needs the ability to access their office computers remotely. For some, remote email access is enough. Only grant remote access rights to those who either travel often or have made a remote working agreement with your company. Otherwise, there is no real need for employees to be able to access their computers remotely. Always know exactly which employees have remote access rights, and be prepared to take them away if they have been misused according to your written policy.  It's also helpful to regularly do an audit of how remote access is being used and when, and those who may not need remote access rights anymore should have them taken away.

5. Review your remote access policies periodically - Every few months, sit down with your employees who have remote access rights and find out about any problems they’ve had not only with the remote access tool, but also with any processes outlined in your policy. Update the policy according to both employee feedback and any security developments. The more current you keep your document, the easier it will be for your employees to know what is expected of them regarding remote access and data safety.