Contrary to expectations, cybercriminals aren’t taking a break because of Coronavirus and are in fact thriving more than ever in the current climate of remote working.
I’ve included below a number of key take-aways that IT security teams and management ought to consider when implementing a remote working program.
1. Update and Patch Remote Devices
Malware primarily targets operating systems and applications that are out-of-date or have not been patched.
It’s important that your employees:
Turn on Automatic Updates for Windows and other key systems:
Updating regularly and automatically will ensure that old malware will not impact your employees’ devices.
It’s suggested that home users reboot their devices every day or every week, allowing the opportunity to apply patches. Any Wi-Fi-enabled gadget at home, whether it’s an Xbox, a tablet, a child’s school laptop, or a fridge with an internet connection, is at risk of being infected. You don’t want these machines connecting back to your corporate office.
Keep Applications Up to Date:
Make sure that your employees are aware of how to set up automatic updates for all the applications they use daily.
2. Encrypt Data on Remote Devices:
Windows and macOS feature built-in encryption that prevents unauthorised access to your company’s data even if the devices are stolen.
There is only one thing left to do: turn it on!
For Windows OS, we recommend ensuring all devices are running Windows 10 Pro or Enterprise where encryption at rest settings are turned on by default.
For macOS, ensuring FileVault is turned on will allow data to be encrypted automatically.
3. Insist on Home Security
It’s not likely that your employees’ home networks are protected by an enterprise-grade firewall.
Encourage your employees to:
Disable WPS on their home router:
WPS has been known to be insecure and prone to brute force attacks. Instead, utilise more secure Wi-Fi technologies like WPA2.
Restrict access to staff devices:
More than ever, it’s important to consider moving employees away from Bring-Your-Own-Device (BYOD) so that IT can control what applications are allowed and disallowed.
4. Secure a VPN
Consider enforcing a secure VPN for connecting to work PCs and servers.
Don’t expose RDP:
Rather than allowing RDP (Remote Desktop Protocol) from the public internet through your corporate firewall, use a technology such as a VPN to securely connect to your corporate network. Even tools such as TeamViewer or AnyDesk are far more secure options.
Always assume an insecure network:
Employees may not be working from a secure/encrypted network, such as those who self-isolate in hotels and use the hotel’s Wi-Fi, so be aware of this possibility. Set up a secure VPN connection for them and give them access to the necessary tools.
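To check the "Don’t expose RDP" point against your own perimeter, the following added example (not part of the original article) audits an exported firewall rule list for allow rules that let port 3389 in from anywhere other than the VPN client pool. The CSV column names, the sample rules and the `10.8.0.0/24` VPN range are assumptions made for illustration, not a vendor format.

```python
import csv
import io
import ipaddress

RDP_PORT = 3389
# Assumption: the only network allowed to reach RDP is the VPN client pool.
TRUSTED_SOURCES = [ipaddress.ip_network("10.8.0.0/24")]

# Constructed sample export; the column layout is hypothetical.
SAMPLE_RULES = """name,action,protocol,source,dest_port
allow-https,allow,tcp,0.0.0.0/0,443
legacy-rdp,allow,tcp,0.0.0.0/0,3389
rdp-from-vpn,allow,tcp,10.8.0.0/24,3389
wide-range,allow,tcp,203.0.113.0/24,3000-4000
any-any-v6,allow,any,::/0,any
block-rdp,deny,tcp,0.0.0.0/0,3389
"""

def port_matches(spec, port=RDP_PORT):
    """True if a port spec ('any', '3389', '3000-4000', '80,3389') covers the port."""
    spec = spec.strip().lower()
    if spec in ("any", "*"):
        return True
    for part in spec.split(","):
        low, _, high = part.partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False

def is_trusted_source(source):
    """True only if the whole source network sits inside a trusted (VPN) range."""
    if source.strip().lower() in ("any", "*"):
        return False
    net = ipaddress.ip_network(source.strip(), strict=False)
    return any(net.version == t.version and net.subnet_of(t) for t in TRUSTED_SOURCES)

def exposed_rdp_rules(rules_csv):
    """Names of allow rules that admit RDP from outside the trusted ranges.
    Rule ordering is not modelled: a later deny does not clear an earlier allow."""
    findings = []
    for rule in csv.DictReader(io.StringIO(rules_csv)):
        if rule["action"].strip().lower() != "allow":
            continue
        if rule["protocol"].strip().lower() not in ("tcp", "udp", "any"):
            continue
        if port_matches(rule["dest_port"]) and not is_trusted_source(rule["source"]):
            findings.append(rule["name"])
    return findings

if __name__ == "__main__":
    print(exposed_rdp_rules(SAMPLE_RULES))
```

Broad port ranges and "any/any" rules are flagged as well as the obvious 3389 rule, since they expose RDP just as effectively.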
5. Enforce Web filtering
There is certainly a distinction between working from home and working in the office.
When working from home, employees are more vulnerable to clicking links as they’re more easily distracted, and there is less opportunity to flag a suspicious link as they might in the office when colleagues are around the corner.
Using the same web filter environment for employees connecting via SSL VPN as they would if they were in the office is critical to keeping them and your network safe.
6. Insist on (and Enforce) Multi-factor Authentication:
Your organisation’s password policy should be clear and prevent users from using a single password for more than one service. Use a password manager, such as 1Password, LastPass or KeePass, to prevent your employees from using the same password across all their accounts.
7. Consider A Remote Working Cyber Risk Assessment:
Help desk teams in larger organisations may already be on hand to assist with routine IT issues. You’ll want to make sure that your users have a separate way to report security issues such as an increase in phishing scams, as these teams will have a lot of work to do over the next few weeks.
Gridware’s Remote Working Penetration Test might be what your organisation needs to accurately assess and remediate your WFH environment within 1-2 days, with clear security recommendations from our experienced network penetration testing team.