Keeping healthy security practices across a globe and diverse workforce is no easy feat. This type of office environment has invoked conversation surrounding keeping and maintaining healthy security practices. It’s easy to dismiss these types of challenges, but it will payoff in the long run to discuss data safety with remote workers. And one could argue that good security hygiene is very important when employees are remote, because remote employees are bringing their own devices (BYOD) and working on public wi-fi.

Security is important in a remote workforce, but how can be make sure healthy practices are followed? We reached out to technology thought leaders in the field to ask for their insight into this subject. We approached them with the question:

How can you encourage healthy data security practices in a remote workforce?

Meet our Panel of Cyber Security Experts:

Michael FigueroaJason Sinchak
David Lee Djangmah Chadd Carr
Jeff Rolen Paul Bischoff
Sadie Cornelius
Andrei Vasilescu
Reg Harnish
Stephen Watts
Keri Lindenmuth

Michael Figueroa

Cyber Security Predictions for 2018: The Top Experts Speak

Michael Figueroa, CISSP, is the President and Executive Director of the Advanced Cyber Security Center, a non-profit organization that brings together industry, university, and government organizations to address the most advanced cyber threats. In addition to leading the ACSC, Michael has also managed teams securing large-scale systems integration efforts for several U.S. Government agencies. Figueroa is a graduate from the Massachusetts Institute of Technology (MIT) in Brain and Cognitive Sciences and from the George Washington University (GWU) in Forensic Sciences, concentrating on High Tech Crime Investigations.

Follow this data security best practice:

Organizations want to be able to monitor sensitive data flow and usage. To ensure that workers do not move data to popular sharing services to bypass controls that affect their productivity, organizations should focus on simplifying how workers can access the data they need within the remote access systems. Too often, organizations try to educate around complexity and hold users accountable for failure rather than work to provide users with the tools that they need. By studying data flows to better understand how remote workers are using data when mobile, providing remote access capabilities that enable remote workflows, and subscribing to popular sharing services to gain access to their monitoring features while also enabling workers to continue using them, organizations will proactively gain greater control without the friction that promotes policy breaking.



Cyber Security Predictions for 2018: The Top Experts SpeakDavid Lee Djangmah is an American security researcher, technologist and lawyer currently in the Asian Pacific.

Follow this data security best practice:

Security begins with people, not systems. Whatever their roles, hire trainable consummate professionals who are threat smart, highly click-averse (suspicious) and committed to maintaining top notch security hygiene and data privacy. Leadership must be equally committed, submit to regular training like everybody else, and model good security hygiene. Training, testing, drills and games should include Social Engineering, Phishing, Ransomware, BEC (Business Email Compromise), Business Process Compromise and how Targeted (Cyber) Attacks are waged. Regular Social Media security and related home and mobile security risk training, also a must.


Cyber Security Predictions for 2018: The Top Experts SpeakInfinity, Inc. has been a leader in the development and support of enterprise-class information services for businesses throughout Georgia and South Carolina since 1999. We proudly provide peace-of-mind through responsible business technology solutions to clients in the health, legal, manufacturing fields, and more.

Follow this data security best practice:

At Infinity, we build healthy data security practices into the backend so remote workers don’t even have to think about it, and we set clear expectations through detailed security policies. Both internally and for our clients, we focus on security at the entry points, i.e., password protection and management. We have implemented a robust tool that is fully encrypted, provides automated password generation and rotation, and that allows us to manage access by IP address, through multi-factor authentication, and more. We believe the best way to encourage any best practice is to keep it simple and make it easy, if not completely automatic.



Cyber Security Predictions for 2018: The Top Experts SpeakSadie Cornelius is the Marketing Director for Safe Smart Living where she’s been writing about smart home living, personal finances, wearable tech, security and identity theft since 2014. Cornelius also leads the charge on all brand management, graphic design, social media strategy and overall marketing initiatives for Safe Smart Living. She has more than a decade experience in digital and traditional media for a wide-range of companies and industries.

Follow this data security best practice:

Virtual Private Networks (VPNs) should be used to mask employees identity and location, resulting in a secure, encrypted connection while on public Wi-Fi. Employers should also provide remote workers with an antivirus software on their computers for an added layer of protection. Also require 2-factor authentication for all programs used (Google Drive, Dropbox, WordPress, Basecamp etc) and secure password protection on all devices (phones, computers etc).



Cyber Security Predictions for 2018: The Top Experts SpeakAndrei Vasilescu is a renowned Digital Marketing expert and CEO of a Money Saving platform called DontPayFull. He is providing cutting edge digital marketing service to various international companies and different online coupons of various brands for years.

Follow this data security best practice:

Provide highly encrypted devices to your employees which can be accessed only by the authorized individuals. Set up a Virtual Private Network or VPN to allow your remote employees to access your corporate network system. Use those cloud services which allow you to monitor every operations on your precious data to restrict any chance of illicit movement or tampering. To minimize the chance of any possible unauthorized breaching through your official emails, use email encryption tools. Essentially set up two step authentication for any login process where in the second step the user have to use the OTP sent to a verified phone number or email address.



Cyber Security Predictions for 2018: The Top Experts SpeakGreyCastle Security is a leading cyber security services provider headquartered in New York, USA.

Follow this data security best practice:

Everyone of your team members must know they play a role in company security, and that the security program is only as good as your weakest employee. Pushing this message is a start. However, whether your team is in-house or remote, the key to getting full buy-in from your employees regarding data security practices is effective education. I can’t overstate the importance of “effective” education, which changes behavior, so when your employees leave the office to work remotely, that behavior will follow. What does effective education look like? The important factors of all training programs should entail solid password practices, safe internet browsing, cloud security and email standards, securing mobile devices, and appropriate social media behavior. It’s important to note that simply tossing policies and procedures at your team won’t be enough. You need to discuss the “why.” Why it’s important to follow the rules. Once your team understands the why of each policy, they will be less likely to forget it, even when working remotely.



Cyber Security Predictions for 2018: The Top Experts SpeakStephen Watts is a Web Strategist at BMC Software and contributor to, IT Chronicles, CIO, Search Engine Journal, and other publications.

Follow this data security best practice:

The most important thing is education. Remote workers are less likely to pick up on the organization-approved best practices for data security than in-office workers without explicit instruction. These employees may simply not know about the approved processes and applications, and in most cases are eager to comply. IT security teams should send out regular reminders to all employees about corporate governance and policies around data security as well as include training during employee on-boarding.



Cyber Security Predictions for 2018: The Top Experts SpeakKeri Lindenmuth is the web content writer and marketing manager at KDG. KDG provides award-winning IT support for higher ed, nonprofits, and small businesses.

Follow this data security best practice:

A business owner or manager can encourage healthy data security practices in a remote workforce by enacting policies in regards to password usage, VPNs, and removable storage. A manager should require uniform password policies for all employees, implementing mandatory password changes every several months. Meanwhile, a VPN can help securely connect a remote workforce by allowing them to use an encrypted connection to access company data. Finally, managers should get rid of removable storage devices and instead require that all employees access documents and work from the Cloud, such as Google Drive. The Cloud is more secure than USB flash drives, which can be lost or stolen.



Cyber Security Predictions for 2018: The Top Experts SpeakJason Sinchak is the CEO and founder of Emerging Defense, a cyber security consulting firm, and Sentegrity, a mobile security solution. He specializes in penetration testing, breach investigation, and mobile device security.

Follow this data security best practice:

The greatest cyber threat to an organization and the most difficult to prevent is an attack on its people. These attacks are technical in the form of social engineering or physical such as theft of physical workstations. An organization cannot guarantee the physical security of remote devices, and it cannot prevent social engineering attacks. The best security practice to protect a remote workforce is through an enforceable security awareness training program. Remote workers need to be continuously informed about the unique threats they face and evaluated on their understanding of security awareness training.



Cyber Security Predictions for 2018: The Top Experts SpeakChadd Carr is the Chief Technology Officer (CTO) and Global Lead for Cyber Innovation & Strategy at 6massive Holdings, LLP responsible for overseeing our Cyber Security Labs, servicing both national and international clients, throughout all sectors. Prior to 6massive, Carr was the Founding Director of PricewaterhouseCoopers (PwC) National Cyber Threat Research Center (CTRC). As a former Special Agent and Computer Crime Investigator with the Air Force Office of Special Investigations (AFOSI), he has over 18 years’ experience in cyber security, intelligence, network intrusion investigations, computer forensics, and information operations.

Follow this data security best practice:

Assuming that sound cyber hygiene is already in place (use of strong passwords, active virus protection, recurring security training, established and enforced standards, etc), organizations may lessen the likelihood of a security incident by implementing three core practices when integrating virtual members into their workforce. First, protect remote devices by incorporating whole-disk encryption, forced patching schedules and software updates, two-factor authentication, and possibly endpoint protection software. Second, leverage cloud applications and hand off much of the data-security responsibility to cloud-service providers. Finally, if a direct connection between the enterprise and remote device is needed, encrypt the internet traffic by using a virtual private network (VPN). Cyber security, much like life, requires collaboration.



Cyber Security Predictions for 2018: The Top Experts Speak

Paul Bischoff is a privacy advocate at Bischoff has been covering IT-related subjects since 2012. He previously worked as the China editor at Tech in Asia and is a regular contributor at Mashable, as well as several blogs for internet startups around the world.

Follow this data security best practices:

  • Encourage encryption everywhere: encrypt files and folders when they’re stored on employees’ devices, use end-to-end encryption for communication (chat apps), use a VPN to encrypt unsecured wifi connections. If you use cloud services, ensure files are encrypted both in transit and at rest.
  • Stay on top of updates: keep the operating system, apps, browser plugins, antivirus, and other services up to date to patch security vulnerabilities.
  • Use strong, unique passwords and enable two-factor authentication or two-step verification whenever possible.
  • Let employees access the company network securely: set up a company VPN that creates and encrypted tunnel to staff-only resources.
  • Ensure devices and accounts can be remotely wiped and shut down: in a worst-case scenario, such as a stolen laptop or a compromised account, the company should have a plan in place to quickly report and disable it.

Get fresh blog content straight to your inbox.