Balancing Workplace Security and Employee Freedom

Everyone’s aware of how challenging maintaining a strong cybersecurity posture is these days. Data security for businesses is an ever-evolving challenge, as threats abound, stretching digital boundaries to their very limits.

Nowadays, cyber attacks are more sophisticated and more complex than ever before. As attackers become more skilled and more dangerous, you need a security structure that can keep up. Yet, cyber threats do not only come from malicious attackers; sometimes the attacks can inadvertently come from your employees themselves. 

In the wake of COVID and thousands of employees shifted to virtual offices, dramatically increasing personal device usage within business IT environments, securing corporate environments has become even more complex. Protecting critical data becomes then a balancing act for businesses, wanting to limit outside vulnerability without limiting productivity and unnecessary irritation for its employees. 

1. Limit exposure to personal devices of remote users

When COVID hit and employees were sent home to work, many companies were not prepared to issue corporate controlled notebook computers to employees.  As such employees were asked to connect to office networks from personal computers from home, and as a result introduced an additional level of risk into the environment.  Even over a VPN connection, security vulnerabilities on personal devices can lead to a compromised corporate networks without use of published web app portals or tight security policies limiting exposure to personal devices. 

2. Utilize separate corporate and guest wifi networks

Most business networks have both guest and corporate wireless networks deployed.  In these environments the guest wireless network should be isolated from the corporate network through use of a DMZ and offer only Internet access to guests, providing no access to corporate data and devices.  Vendor, guest, and employee owned devices or those without tight security control by the business should be limited to use of the guest wireless network ONLY.  Employee smartphones and personal notebooks should never be allowed use of the corporate wireless network.  

3. Limit Extracurricular Searches to Employees Personal Devices

In 2020, it is nearly ubiquitous to own a smartphone. By enforcing company policy to only utilize personal devices for online searches of a personal nature, rather than business owned laptops and computers, you can better protect your data. This also eliminates some possible employee frustration with limited access to personal sites through use of corporate web filtering or GEO-IP filtering, where access to only countries deemed safe is allowed. For example, if an employee in their spare time wanted to order an item from a company based in a location blocked by the GEO-IP filter, they could be quite frustrated with the inconvenience. Yet, by offering a guest wifi network with less hindrances, your employees can safely access more sites on their smartphones, while still protecting your business’s critical infrastructure and your customers data.