Introduction

In view of the recent outbreak of coronavirus, many organisations have arranged for their employees to work remotely to achieve social distancing with a view to reducing infection risks. While working remotely through various information technology (IT) solutions, organisations and their employees should be aware of the potential IT security risks and proper measures should be put in place. Below are some tips for organisations and employees to maintain a safe and secure remote working environment.

This video explains the key points about Security of Remote Working (Chinese Version Only)



Security Tips

Keep your computing devices secure

  • Install anti-malware software and personal firewall
  • Ensure all software / firmware are patched and updated
  • Enable security features to prevent unauthorised access to your devices

Secure your network

  • Avoid using public Wi-Fi network to handle sensitive information
  • Use secure connection to your working environment (e.g. use Virtual Private Network (VPN))
  • When using Wi-Fi, make sure it is using WPA2 or WPA3 encryption technology

Protect your user accounts

  • Adopt strong passwords and/or multi-factor authentication for remote login to prevent unauthorised access
  • Do not share your personal accounts with others
  • Log out remote access account when not in use

Protect your data

  • Back up your important data and keep the backups in a secure, off-site location
  • Adopt data encryption when storing sensitive data in storage devices or cloud storage
  • Do not overshare your personal data in social networking sites

Be aware of phishing scams

  • Do not visit any websites by clicking links in suspicious emails / websites
  • Do not open / download email attachments from suspicious sources
  • Be cautious before submitting any personal / sensitive information through emails / websites

Provide adequate support for remote working

  • Remind employees to comply with the information security guidelines and policies of your organisation and report to the organisation’s IT support staff if any security issues are found
  • Ensure employees working remotely have good awareness of the IT support facilities and correct configuration for the devices
  • Ensure the incident response plan and business continuity plan are up-to-date to cover staff working remotely

Extended Readings

Some references on security of Remote Working and what you need to know:

  1. InfoSec website - Protecting against Malware
  2. InfoSec website - Handling User Accounts & Passwords
  3. InfoSec website - Make Regular Backups
  4. InfoSec website - Protecting Against Phishing Attacks
  5. InfoSec website - Securing Your Wireless Network
  6. Education Bureau website – Cyber Security in Schools
  7. Cyber Threat Alliance - Cybersecurity and working from home: tips & resources
  8. The Office of the Privacy Commissioner for Personal Data, Hong Kong website - Protecting Personal Data under Work-from-home Arrangements: Guidance for Organisations
  9. The Office of the Privacy Commissioner for Personal Data, Hong Kong website - Protecting Personal Data under Work-from-home Arrangements: Guidance for Employees

Disclaimer: Users are also recommended to observe the Important Notices of this website and read the user agreements and privacy policies of the security software and tools before download and use them. 

Back to Top