How to Implement a Work From Home Security Policy in 90 Minutes

Work From Home Security Policy

A growing number of companies are implementing mandatory or optional work-from-home policies in light of COVID 19’s rapid spread. For tech giants like Google and Twitter with robust data and device security policies set long ago, such a dramatic shift represents an inconvenience, but not a security threat. But for traditionally office-bound workspaces, the sudden shift can prove problematic. It’s an IT professional’s nightmare: company devices spread across many locations and networks, with no clear idea of when they’ll return to the safety of the office. 

The fact is, many companies are unprepared to protect devices in a work-from-home scenario but are choosing to allow employees to work remotely to protect their health. Meanwhile, surveys suggest a third of organizations claim they’ve experienced security breaches or data loss as a direct result of employees working remotely. The good news is, implementing a temporary (or permanent!) device security policy for remote employees is easier than you think. In this article, we’ll cover the basics your security policy should cover, the fastest way to set up security measures across all company and personal devices, and recommend some tools you can implement, even from afar.

Whether working from home is a short-term measure or the new normal, these security basics will ensure company data is protected, no matter where it resides.

5 Steps to Setting a Work-From-Home Security Policy

Getting started can be the most intimidating part of this process, especially when time is of the essence. Putting policies and contingencies in plan is the most important thing – you can adjust (perfect) them as time goes on. To create a remote security policy ASAP, do the following:

  • Determine priorities: Are you looking for a short-term solution or a long-term policy you can rely on?
  • Identify weaknesses: What are your current security concerns? These will become riskier the more often employees work from home. Are you worried about company data on personal devices? Have devices been misplaced before? Consider ways to mitigate these risks now and in the future.
  • Understand best practices: Working from home is becoming more and more common, which means other companies have gone before you and can help you understand what to watch out for. We’ve listed three critical policies you should include below. 
  • Choose enforcement tools: Ensure your best intentions will result in real change by choosing a tool that helps you monitor employee devices. More on this below.
  • Communicate clearly: Document your new policies, including clear instructions on how to comply and what enforcement measures you’ll be implementing. Set the tone for remote work during this season and beyond. 

Sign Up Now For a Free 30 Day Trial

3 Security Policies for Remote Workers:

  • Make sure you can monitor devices remotely.

We’re not talking about browsing history. Knowing where company devices are located, being able to monitor usage or lock a device that appears to be at risk can save you plenty of uncertainty and give you control even from afar.

Need to manage and control personal devices? Implement a BYOD remote wipe policy.

Pro tip: Didn’t install monitoring software while devices were in the office? Not a problem. Give us a call at 877-375-2468 and we can help you get set up remotely.

  • Prepare a contingency plan for lost, stolen or hacked devices. 

The top finding from a 2018 survey was that one-third of respondents admitted to losing a device in a public place. Company policy may be clear that employees shouldn’t leave laptops in their car or use public wifi, but let’s be honest: it happens. And when it does, if you don’t have a plan in place, the consequences can be staggering

Our customers use DriveStrike as their contingency plan. If a device is lost, stolen or even hacked, DriveStrike allows an authorized user to locate that device or clear data from anywhere. 

See how it works here.

  • Only allow private, secure WiFi connections.

The lattes and the ambiance may be better, but do NOT permit employees to work from coffee shops or other public spaces. With a proper monitoring tool in place, you can enforce this policy. 

Read Also: How to Find a Stolen Laptop

Set Up and Start Enforcing FAST

Nope, you don’t have to have the devices in the office to get started, so even if your team is already self-quarantining, you can implement security measures as soon as TODAY with a tool like DriveStrike. Your first 30 days are 100% free! See how easy it is below:

(Don’t use Windows machines? Not to worry DriveStrike works on any device – yes, really! See how easy it is to implement on your company’s devices here.)

Protect Personal Devices Too

We would all like to think that employees are keeping company data off their cell phone – but let’s face it, personal devices carry sensitive work data too. BYOD device policies can seem complex and difficult to implement, but the truth is they’re easier to use than you may think. With DriveStrike, you have two options:

#1 – “Shared Management,” where an employee uses their own device but your organization controls an encrypted work profile on their phone.

#2 – “User Management,” where employees install DrivesStrike for their entire device and control the settings themselves. 

There are benefits and drawbacks to each of these approaches, and we’re happy to talk you through them. Give us a call at +1 (877) 375-2468  or email us at, and we’re happy to talk about which option would be best for your organization.

Read Also: How to Remotely Wipe a Phone

Other Tools to Consider

  • VPN
  • Password management 
  • Encryption tools
  • Data backup