Remote Control: Staying Secure When Working Out of the Office

By Kevin Ricci
With an everincreasing percentage of the U.S. workforce telecommuting at least part of the time, people are more connected to work than ever before. Thanks to remote computing, we can now work and respond to emails while away from the office, anywhere, and at any time. Remote computing can certainly have a negative impact on work-life balance if not used strategically, but when used right, it can provide tremendous convenience and significantly boost productivity. By following the tips below, you should be able to avoid many of the more common threats associated with remote computing:

  • When sitting in a public area such as an airport or coffee shop, keep a close eye on your mobile devices. It may be tempting to leave your phone charging while you step away to check on the status of your flight or to get a refill on your coffee, but those few moments could provide a thief with ample opportunity to steal your device.
  • In the event your mobile device is lost or stolen, contact your IT department as quickly as possible. Your IT department may have the ability to remotely “wipe” your device, which means they can delete the data by sending a command to the device. The quicker the call, the better the chance your phone can be wiped before someone can view your photos, access your apps, or read your emails.
  • Make sure that your mobile devices are protected with a password. Whether you choose a PIN, swipe pattern, biometrics, or a traditional password, this defense will help prevent a thief from easily accessing your data. Also, be sure to enable encryption on the device (especially on laptops), as it will make reading the data without the password virtually impossible.
  • Only select secure Wi-Fi connections. If you choose a Wi-Fi connection that is not secured (a connection that doesn’t require a password), criminals can easily hijack the data being sent to or from your laptop or mobile device. Look for a connection that is secured and where the password is provided by the owner of the network. As an added layer of protection, utilize a VPN after connecting to the wireless network, preferably one with two-factor authentication (e.g. a text sent to your phone prompting you to confirm the connection).
  • Be sure to choose the correct Wi-Fi connection. The next time you check into a hotel, take a close look at all of the Wi-Fi connections that are available before making your selection. Chances are, some of the choices look legitimate (e.g. Hotel-Guest) but have been set up by criminals in the hope that you connect to them instead of the real one (e.g. Hotel_Guest). Once connected, the criminals could have the ability to capture the traffic being sent or received from the device or laptop. For laptop users, the safest option may be to connect using your phone as a hot spot (check with your mobile carrier for pricing and instructions).
  • Consider disabling Wi-Fi on your mobile device when travelling. Mobile devices are constantly looking for trusted Wi-Fi networks to connect to, such as your home connection (e.g. MyHomeWiFi) by broadcasting their names and listening for a response. With an inexpensive tool, nearby criminal hackers can listen for these broadcasts and establish a fake network with the same name as your trusted Wi-Fi networks. Your phone could be tricked into automatically connecting to this fake network, and data travelling to and from the device can be intercepted. In addition to disabling your Wi-Fi, you should go ahead and disable Bluetooth if you won’t be attaching to Bluetooth devices when travelling, as these connections can also be compromised.
  • When sending sensitive emails, utilize encryption. There are many email encryption choices available, and most cost only a few dollars per user per month. Encryption will add a high level of protection while showing the recipient that you value safeguarding the sensitive information being exchanged with them. While there are risks related to remote computing, there should only be a remote possibility of something going wrong if you utilize simple cybersecurity best practices, as noted above.

Good luck and safe travels!
Kevin Ricci, CISA, MCSE, CRISC, QSA is Director at Citrin Cooperman. He can be reached at (401) 421-4800 or