You've managed to shave costs in this tough economy by hiring more remote workers who don't require office space, company cars or supervision, but did you stop to consider the computer security issues that can crop up when multiple individuals are accessing your company's IT infrastructure from afar? It's a question that many small to midsized companies are asking themselves as they find ways to outsource more work to third parties. "Whether it's your own company's data, or that of a client or business partner, IT security should always be a top concern,†says Jim Farnsworth, founder and senior partner at Denver-based consulting and project management firm Virtualwirks. "It's particularly important in the virtual work environment, where it can be more difficult to monitor and track activities.†The good news is that the remote workers themselves also care about security threats. According to a recent survey from mobility vendor Fiberlink, 70% of remote workers would rather get their tasks done on a secure network connection, even if it meant their assignment or work would be late. On the flip side, one in four of them have either altered security settings or purposefully delayed security updates, while about 50% have downloaded personal pictures and videos (43%) or software for their own use (31%) on their company-issued laptops. To keep your remote employees on the right track, the best approach involves a combination of employee education and technology tools such as firewalls with passwords that are changed regularly, anti-malware and defenseware, upgrades and patches, home network security and data backup systems. "Start with your people first, instead of just looking for a quick technology fix,†advises Farnsworth, who tells firms to present all rules and regulations governing IT use before hiring the home-based workers. If you don't want your employees' children using company-supplied equipment, be sure to state it in your IT policy manual. "Screen everyone thoroughly, train them on the proper use of and policies governing technology usage at your firm,†says Farnsworth, "and utilize performance management techniques to control how everyone is accessing and using your company's data.†On the technology side, all laptops that are being used from "outside†the corporate firewall and network should be outfitted with antivirus software (from a vendor like Symantec or McAfee) that's update regularly and properly configured. This software will filter both incoming and outgoing data and "block†messages and information as instructed. Companies with multiple home-based employees should also consider setting up a Virtual Private Network (VPN), which creates a secure conduit through which data can travel back and forth from the corporate network to the user. Data encryption (to keep unauthorized users from seeing sensitive files) is also important, as is vigilance over the equipment itself (the locking out of unauthorized laptop users or thieves via a password-protected system, for example). Home-based computers should be equipped with malware, spyware and intrusion detectors, auto-update settings should be enabled to ensure that virus definitions and patches are current (and stay that way), and employees should be backing up their data every night to a secure location. Ignore these steps, says Farnsworth, and you open up your network to threats like computer viruses, phishing attacks and hackers, all of which are waiting to pounce on unsecured IT systems. You could also risk isolating clients and business partners that share data with your firm. "The concept of securing home-based workers is both doable and controllable, but it requires a different model, and an approach that encompasses both the employee and the network itself,††says Farnsworth. Home-Based Computer Tips --Screen all remote workers carefully --Train workers on company security policies and rules --Use tools like antivirus software and VPNs to protect your network --Don't be afraid to put policies in place to protect your company Web Resources 10 Tips for Home-Based Employee Security Understanding Remote Worker Security