7 Areas to Focus on for Remote Work Security
Your remote users may be out of sight, but they’re definitely not out of your network. The massive increase in remote work thanks to COVID-19 is giving cybercriminals loads more opportunities to slide into your infrastructure.
These recommendations can help you close off key attack vectors and strengthen your expanded security perimeter. You’ve got this. And if you have questions or need help, we’re here for you.
Anti-Virus
Although it shouldn’t be the only protection against attacks in your network, AV does play an important role. Absolutely every device in your network must have AV on it – no exceptions.
_______ AV installed on each computer, including Macs and mobile devices. This is critical for preventing and detecting viruses. Scanning ensures anything accidentally downloaded gets caught before causing system performance issues.
_______ AV installed on each server and active. It’s important for preventing system downtime. Viruses consuming bandwidth or making the server OS unusable can cause large amounts of downtime.
_______ AV has a central console alerting someone to issues. Don’t rely on end users to ensure scans are running. Having one console for the entire network makes it easier to manage and check the system.
_______ AV can scan for and protect against real-time threats. It should have some process inspection options, not just be definition- or scan-based. Modern viruses change names and files to avoid detection by definition-only-based scans.
_______ AV can block access to web-based threats – especially important since the most common entry point for viruses is now websites.
Anti-Spam
Over 80% of viruses come in through a link in an email. An email server without anti-spam (AS) and anti-spoofing technology is a big risk to your business. Adding a separate AS service before your email system helps:
- Reduce the number of virus links getting through
- Prevent users from clicking those links
- Stop emails that appear to come from other staff but are actually spoofed spam messages
_______ AS scans for viruses and spam prior to email reaching the network, if email is in-house. Installing AS on the email server still requires the email server to process each spam message, making it extremely vulnerable to denial of service spam attacks.
_______ AS provides digest email of rejected spam each day. Digest emails alert users to what is in the spam filter without delivering the potentially harmful messages.
_______ AS has an email continuity or mail bagging feature to ensure constant email acceptance. Email has become a 24/7 critical function. These features provide automatic failover if your mail server goes offline.
Applications
We always recommend using the latest, most up-to-date version of any software application. This ensures you’re current with support and patches. Letting software age, or having multiple versions in your environment, can lead to inconsistent operations for your staff and create more support issues.
_______ Microsoft Office products are running one of the last 2 versions. Microsoft only supports the last 2 versions and new operating systems may not be compatible.
_______ Line of business applications are in their current version and have support. If an application is critical to your business, then having support to maintain it is equally important.
Security
This section covers important security basics. It’s not an exhaustive list, but these items are definitely among the most vital things you should be doing to protect your users and network.
_______ All passwords are strong/complex. Weak passwords let intruders run programs or scripts that guess them and gain network access.
_______ All passwords are changed every 3-4 months at minimum. Changing passwords ensures prior employees and intruders are unable to guess passwords. Consider notifying remote workers about upcoming password expiration via email, SMS, or push notifications.
_______ Set up multi-factor authentication for identity verification. MFA helps protect against credential stuffing, bulk phishing attacks, and even targeted attacks.
_______ Policy and process are followed to remove former employees from the system. This helps ensure network integrity.
_______ Remote access uses encrypted or otherwise secure technologies, such as a remote desktop server with SSL or a connection behind a VPN. All access from the outside should be encrypted to prevent intrusion or data snooping.
Mobile Devices
Businesses are increasingly relying on mobile devices, especially now. But smartphones, tablets, and other mobile devices provide another crack in your network defenses if left unguarded.
_______ Acceptable use policies and procedures for mobile devices are in place for employees.
_______ MDM (mobile device management) solution in use. This protects corporate data on personal devices. It also restricts users from installing insecure apps. Considering more than 30% of apps in the Google Play store are viruses, app download restrictions are vital.
_______ Mobile devices are managed by a BES or ActiveSync server and are functioning consistently with new devices. BES or ActiveSync must be properly installed for reliable email, calendar, and contacts sync.
_______ Mobile devices have a management policy enforced from the server which requires passwords to protect critical business data.
Personal Home Computers
With everyone scrambling to equip a remote workforce, laptops are in short supply. Intel processors are still on backorder and AMD (the other main producer of computer chips) is starting to feel that same strain.
With not enough laptops to go around, many users are working from their home PCs or personal laptops instead. Be ready to meet the security challenges that come with connecting to your corporate network from non-business devices.
_______ Malware is proactively identified on personal computers and removed. Don’t skip this step – roughly 1/3 of home computers are believed to be already infected with ransomware.
_______ Employees' devices are running regularly updated endpoint security software that includes anti-phishing capabilities. Ideally, this software should be centrally managed through a cloud portal so you can monitor and control the organization's cyber posture.
_______ Every employee is connecting to the internet through a VPN.
_______ User access is limited to only the absolutely necessary information.
Security Standards and Expectations for Employees
Have a clear security plan and regularly remind your employees to do their part in protecting the company network and data.
_______ Set of policies and procedures for keeping company data secure.
_______ Important "Dos and Don'ts" shared with your users:
- Do disconnect from the corporate VPN when not in use.
- Do ensure home routers are up to date, have strong passwords, and have WPA2 security or higher.
- Don’t install new apps without approval from IT.
- Don't share online meeting IDs and URLs on social media.
- Do watch for phishing scams via text, email, or social media.
_______ Standards for security software installed on every device used for work.
_______ Escalation process for when user issues arise.
_______ Frequent cybersecurity awareness training for all users.