We have reviewed this article one year after the first lockdown and created an updated version, available at this link.
The Covid-19 pandemic has created a massive rush to get staff operational from home or remote locations. In that rush some security considerations may have fallen by the wayside. As we hunker down for the longer term, securing your remote workforce is a must, as working from home will become the new normal for many. We have outlined 8 key security steps for secure remote working that apply to all companies, regardless of size.
Your IT provider may or may not cover the usage of non-commercial home devices or PCs to access your company’s IT resources remotely. You need to know what is covered and whether they are covering home working. It is considerably better to allow them to manage your home workers with their centralised management tools than to go it solo. Ask the question. You may find that during Covid-19 they will extend that management for a limited period for a small fee.
While you may have centralised malware protection and monitoring of all the workstations at your physical office, you likely do not have the same level of control for home computers. If possible, we recommend that you ask your IT provider to extend their malware protection and remote management solutions to your home office users. If that is not an option (and it should be), Webroot offer multi-device packages for a reasonable cost that will cover both PC and Mac environments. Macs should not be exempt from using endpoint protection software. One in ten Mac users have been attacked by the Shlayer Trojan.
Set a policy that all home employees must use an antivirus tool on the machines that access the firm’s resources. Moreover, have your IT support provider verify this before you install your secure remote access tools.
You may have had to suddenly set up remote access servers, Windows 10 virtual desktops or other remote access solutions. Whatever you choose, make it consistent, as this makes it simpler to manage and to roll back at a later stage. In particular, do not blindly open remote access ports without thinking of the risks and consequences. Remember that ransomware attackers look and scan for open RDP servers, targeting anything responding on port 3389. For RDP servers you need a VPN solution, period.
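One way to check the point above on your own perimeter, as an added example that is not part of the original article: the script reviews a list of inbound firewall rules and names every allow rule that lets a source outside the VPN or office networks reach TCP 3389. The rule fields, the sample rules and the trusted address ranges are constructed assumptions rather than any vendor's export format, and each rule is judged on its own without modelling rule order.

```python
import ipaddress

RDP_PORT = 3389

# Constructed sample: inbound rules as they might be exported from a
# perimeter firewall. Field names are assumptions, not a vendor format.
SAMPLE_RULES = [
    {"name": "rdp-from-anywhere", "action": "allow", "proto": "tcp",
     "src": "0.0.0.0/0", "ports": "3389"},
    {"name": "rdp-via-vpn", "action": "allow", "proto": "tcp",
     "src": "10.8.0.0/24", "ports": "3389"},
    {"name": "wide-port-range", "action": "allow", "proto": "tcp",
     "src": "any", "ports": "3000-4000"},
    {"name": "https-public", "action": "allow", "proto": "tcp",
     "src": "any", "ports": "443"},
    {"name": "rdp-blocked", "action": "deny", "proto": "any",
     "src": "any", "ports": "3389"},
]

# Assumed address pools: the SSL VPN client pool and the office LAN.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.8.0.0/24", "192.168.1.0/24")]


def covers_rdp(ports):
    """True if a port spec like '3389', '3000-4000' or '80,3389' includes 3389."""
    for part in ports.replace(" ", "").split(","):
        if part in ("any", "*"):
            return True
        lo, _, hi = part.partition("-")
        if int(lo) <= RDP_PORT <= int(hi or lo):
            return True
    return False


def is_trusted(src):
    """True only if the whole source range sits inside a trusted network."""
    if src in ("any", "*"):
        return False
    net = ipaddress.ip_network(src, strict=False)
    return any(net.version == t.version and net.subnet_of(t) for t in TRUSTED_NETS)


def exposed_rdp_rules(rules):
    """Names of allow rules that let untrusted sources reach TCP 3389."""
    return [r["name"] for r in rules
            if r["action"] == "allow" and r["proto"] in ("tcp", "any")
            and covers_rdp(r["ports"]) and not is_trusted(r["src"])]


if __name__ == "__main__":
    for name in exposed_rdp_rules(SAMPLE_RULES):
        print("RDP reachable without VPN:", name)
```

Wide port ranges are flagged as well as explicit 3389 rules, since a range such as 3000-4000 exposes RDP just as effectively.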
The Irish Times have reported a huge increase in COVID-19 scams that are circulating. Urge your users not to click on unsolicited emails and to use only official websites. Ensure that the firm has a way of centrally communicating about incidents so that you can trace all official communications and notifications.
Make sure your acceptable computer use policies cover your staff’s home computer assets. If this wording is not already there, you’ll need to quickly get up to speed on allowing employees’ personal assets to be used for remote access. Policies should also cover remote working protocols, and payment processes need to be reviewed to avoid becoming a victim of payment scams.
There are two considerations here. Your staff may need to access productivity applications that can only be run from inside your network. In this case a remote connection to a Remote Desktop server or their PC may be best.
For users that just use Office 365 and cloud-based apps, you may only need to provide Office 365 applications. For this you will need to consider your licence requirements. An Office 365 license allows you to install the Office suite on up to five PCs or Macs, five tablets and five smartphones. Those with Volume licenses can allow Office home-use purchases for their employees. You may need to review your options and licensing alternatives based on what platform and version of Office you are currently licensed for.
If you are in doubt, reach out to your IT support provider; they may be able to provide temporary licenses with screen connection software that they already use to remotely manage your network.
When implementing secure remote working, consider adding MFA to remote access solutions. Ask your IT support provider about adding an MFA solution such as DUO.com or Microsoft’s native Multifactor Authentication solution for access to your IT infrastructure, both in the office and in the cloud. While your company may need to move quickly to allow your staff to work remotely, you can still ensure that only authorised admins and users are allowed in, mitigating the threat of identity theft.
Most Unified Threat Management firewalls (Sonicwall, Fortinet, Sophos) come packaged with a built-in free SSL VPN client that can be deployed to provide secure end-to-end connectivity for your end users. Ensure that your firewall and VPN solutions are up to date, as this reduces the possibility of security vulnerabilities.
While this is a stressful time with little certainty about what will happen next, it’s also a great time to prepare your company for the longer haul and your organization for emergencies. It is important to define how you work remotely, review improvements and then secure your remote workforce properly. As always, the CIS provide great guidance with their CIS Telework and Small Office Network Security Guide. Review that to see if there are any other security issues you should be monitoring.