Things to consider…
I’ve been getting quite a few requests about setting companies up to support the “Work from Home” program that most companies are adopting to reduce the spread of Covid-19. This is a fantastic way for all of us to help the cause and stop the spread of this nasty virus. While we do this, let’s make sure that we understand the new risks being introduced and don’t let good intentions turn into a big problem.
Top 6 things to consider when implementing a work from home policy:
1. End Point Protection on home machines
You probably have corporate standard end point protection on all company machines, but now you may be opening the door to unprotected devices. The type of access that you are allowing will dictate what you need to consider. If you are setting up your users with direct VPN access, you will have to be more vigilant over what protection these home computers have. If you are using a third-party remote desktop solution like TeamViewer, your exposure is far less. In this case, the home computer does not have direct access to your corporate network and therefore presents a low risk of introducing malware or unauthorized access.
2. Remind people of your Acceptable Use Policy
People may not be used to working from home, and it does introduce a few distractions that aren’t around at the office. It’s a good idea to remind everyone about your Acceptable Use Policy and to ensure they are accessing systems and working in the same manner as they would at the office. Don’t forget, people are often the weakest link in your cyber defense. The distraction of working from home could lead to human error, and this is the #1 cause of data breaches!
3. Make sure providing remote access does not increase risk
Assuming the people factor has been addressed, make sure your technical solutions for remote access meet your cybersecurity standards. There are many ways to allow a user to access your network from remote locations, but not all are secure. I have seen IT staff open remote desktop ports to allow users easy access to their network. This is also an easy way for bad actors to access your network. Ransomware attackers are constantly scanning for open RDP ports and targeting anything listening on well-known port numbers like 3389. Changing ports doesn’t fool them, so keep your guard up and your network secure.
4. Add security with 2 Factor Authentication
Many remote access solutions offer an additional layer of security by including 2 factor authentication. This improves your access security by doing a double check on your authentication. You require at least 2 of 3 things to gain authorization: something you know (password), something you have (a token such as SMS to your phone), or something you are (biometrics like a fingerprint). Adding security is always a good thing, and many of the remote solutions have this included as part of their service offering. If it’s available, use it!
5. Use up to date VPN solutions
Using a VPN client to encrypt traffic to and from your corporate network is always advised. If this is something that hasn’t been used in a while, make sure the software is up to date. There have been many vulnerabilities identified in VPN software, so dusting off an old VPN client may still work but may not be your best option. Make sure any VPN software/solutions being used are fully supported and up to date with their security patches.
6. Shut things down and clean up when this is all over
I think we all hope that this is going to be a short-term solution to a bad problem. Remote access should only be enabled as needed and, where possible, remote accounts should be set to expire after a given period. No doubt there will be some cleanup to do once things return to normal, so be diligent about making sure you leave things better and more secure than before. I’m sure everyone is following good cyber practices, and part of that would be to disable remote access once it is no longer needed.
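For item 3 above, one way to audit your own perimeter for exposed remote desktop, as an added example that is not part of the original article: it reviews a firewall's port-forward list by internal destination port, so a forward moved off 3389 on the outside is still flagged. The CSV export format, rule names and addresses are constructed for illustration, and it assumes the RDP host itself still listens on 3389.

```python
import ipaddress
from dataclasses import dataclass

RDP_PORT = 3389  # well-known RDP port named in item 3

@dataclass
class Forward:
    name: str
    source: str          # CIDR allowed to connect
    external_port: int   # port exposed on the internet side
    internal_host: str
    internal_port: int   # port on the internal machine

# Constructed sample in a hypothetical export format:
# name,source_cidr,external_port,internal_host,internal_port
SAMPLE_RULES = """\
web,0.0.0.0/0,443,10.0.0.10,443
rdp-default,0.0.0.0/0,3389,10.0.0.21,3389
rdp-moved,0.0.0.0/0,53389,10.0.0.22,3389
rdp-branch,203.0.113.0/24,3389,10.0.0.23,3389
vpn,0.0.0.0/0,1194,10.0.0.5,1194
"""

def parse_rules(text):
    """Parse the constructed CSV export into Forward records."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, source, ext, host, internal = [f.strip() for f in line.split(",")]
        rules.append(Forward(name, source, int(ext), host, int(internal)))
    return rules

def audit_rdp_exposure(rules):
    """Return (rule name, severity, port_was_moved) for every forward to RDP."""
    findings = []
    for r in rules:
        if r.internal_port != RDP_PORT:
            continue  # not a forward to remote desktop
        net = ipaddress.ip_network(r.source, strict=False)
        # A /0 source means anyone on the internet can reach the service.
        severity = "HIGH" if net.prefixlen == 0 else "REVIEW"
        findings.append((r.name, severity, r.external_port != RDP_PORT))
    return findings

if __name__ == "__main__":
    for name, severity, moved in audit_rdp_exposure(parse_rules(SAMPLE_RULES)):
        note = " (non-default external port, still exposed)" if moved else ""
        print(f"{severity}: {name} forwards to RDP{note}")
```

Rules marked HIGH are candidates to replace with VPN or a brokered remote desktop service; REVIEW rules are restricted by source address but still publish RDP directly.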
In general, everyone should be reminded that while we go through this difficult time, the criminals are using this as an opportunity. Ransomware and phishing emails masked as critical Covid-19 information have been flooding the internet. The bad actors manipulate human behavior and emotions to trick you into giving them what they want. Do not fall for any of this, and delete any unsolicited emails and texts. If you want information on Covid-19, do your own research and only go to reputable websites. Be safe and continue to be diligent about practicing good cyber hygiene.
If you need help, contact Dream Technology Solutions: