Home Working can be a useful tool for businesses seeking to maximise productivity. At the same time, it can prove to be a significant challenge when it comes to security as they and their employees will need to share, store, and communicate confidential business-related information.
This 10 Step Guide has been created by Surfing Safer Limited to help businesses establish good security practises when dealing with the challenge presented by home working.

The PDF version is avalable here.

1. Ensure that you have a home working policy which you have communicated to your employees. Make sure that they understand and agree to the policy before you authorise them to work from home.
2. Provide home workers with a copy of the applicable corporate security policies and make sure that they understand those policies.
3. Ensure that you include home workers in all inter-company security education and awareness programmes.
4. Where you allow employees to work from home, ensure their systems are installed with up-to-date anti-virus, and spyware protection.  You must make sure that home workers’ systems cannot become a weak link in your network.
5. Provide home workers with the correct security tools to be able to communicate and transmit data securely over the Internet.
6. Do not take anything for granted. Make sure that your home working policies deal with the pitfalls of storing data to different media formats, for example USB sticks, CDs, DVDs, etc.
7. If your home workers can print your business-related information to hard copy then you need to provide them with the ability to handle the print-outs securely. Provide them with secure cross-cutting shredding facilities to shred information that can be disposed of. Provide them with secure storage facilities to retain any printouts that must be retained under your information management policies.
8. Ensure that your home workers understand how you expect them to use the systems that you provide them with. For example, they should not use them over non-secure WiFi, unsecured networks, etc. Conduct regular home working risk assessments and communicate these to your home workers.
9. Do not forget that your home working policy must consider the end-of-life of their systems. If you allow your home workers to process your data assets then you must ensure that their home working equipment is purged of all data before you or they dispose of it.
10. Make sure your HR procedures are set up to cater for home working. You must ensure that you capture all home workers who leave your employment into your HR leaving process.