Cybersecurity Best Practices for Field Employees

by David Adams, Jeffrey Gould

Computer environments are made up of hardware, software, and the people who use and support them. When discussing cybersecurity risks associated with these systems, people tend to be the biggest challenge and risk, especially those who work outside of our offices. Here’s a high-level review of what we do to support them and navigate cybersecurity. 

 People

Our employees are divided into two distinct groups: office and field. Though they have many similarities, they each bring unique needs and challenges in order to support and protect. Field employees can further be divided into two sub-groups: unconnected and connected. The unconnected field employees don’t access our systems. The connected field employees do, and their system needs can be as basic as an email account to requiring 24/7 access to multiple systems. These needs can change from job to job or even within the same job. Additional challenges include: mobility requirements, open/unsecure and potentially hazardous work environments, as well as limited connectivity at remote job sites. 

Hardware

Connected field employees are provided with a range of devices, from smart phones and tablets to laptops and in some limited cases, desktops. All these devices need to be set to automatically patch to ensure vulnerabilities are mitigated as quickly as possible. A known vulnerability can be targeted by hackers within minutes of discovery. We’ve also deployed several field workstations to provide a secure portable mini-office, such as the Knaack’s DataVaults (both the 118-01 and 118-M). These support multiple connections for the varying computer systems, a cellular wireless router, printer and display. When an office trailer is available, we have deployed a small network which typically includes wireless access and a network copier. In several cases, we have also deployed cellular boosters to help address limited coverage. In especially remote areas, satellite internet and phones can also be used.

Software

Beyond the applications and cloud solutions needed to do their jobs, there are several solutions in place to ensure these systems and their data are protected. First, we start with unique passwords that meet complexity and length best practices. Due to the critical nature of passwords, we recommend that our users leverage a password manager.

If you are a CFMA member login to continue reading this article. If you aren't a member yet and would like unlimited access to all of the content on cfma.org, plus a variety of other benefits, join CFMA today!
Unlock Your Benefits

About the Authors

David Adams

David Adams is the Director of Information Technology and Quality Assurance at O’Connell Electric Company, Inc.

Read full bio
Jeffrey Gould

Jeffrey T. Gould is Chief Financial Officer of O’Connell Electric Company.

Read full bio