The coronavirus pandemic has enforced a worldwide lockdown and as a result the edge of the “Enterprise” has been extended into unfamiliar territory with most employees now working from home on a full-time basis.
Many people are now asking “What does WFH mean?” It stands for working from home and here are some basic tips for securing the “Enterprise” for WFH and preventing cyber crime.
Secure Remote Connections– To ensure your remote desktop connection is secure and your company security policy is strictly applied to corporate traffic and data, consider an Always-On-VPN and disable split tunnelling, this will send all traffic, even internet traffic, via you corporate network and therefore through your security infrastructure.
Secure Authentication– Implement a strong password policy and integrate with a Multi Factor Authentication (MFA) solution to strengthen your security posture. Use a Single-Sign-On solution where possible but if this is not an option consider an enterprise level Password Manager for managing the multitude of user passwords.
Endpoint Protection– A phrase many businesses are asking about at the moment is ‘endpoint protection’. To improve security of corporate devices implement full disk encryption and install Anti-Virus & Anti-Malware client software. Patch device Operating Systems, client software and update security signatures on a regular basis to protect from most known and emerging security vulnerabilities. Restrict USB port connectivity such as USB drives and printers to improve Data Loss Prevention capabilities. If your business has a Bring Your Own Device (BYOD) mind set this should have its own corporate security policy. BYOD end point protection is imperative to ensure devices are security compliant i.e. up to date OS with anti-virus and anti-malware software installed.
Physical Security– Encourage employees to shut down or lock devices when stepping away them even at home – little hands and prying eyes are potentially dangerous. If a separate workspace is not available; advise home workers to securely store devices when not in use. If a dedicated network is not available for remote working then provide employee guidance and advice to help safely secure a shared home network with strong passwords applied to home routers, wi-fi access points and IOT devices. Encourage employees from using corporate devices for personal consumption and vice versa.
Home Schooling– Children should always use a separate device from a corporate device for schoolwork. Both are huge targets for cyber criminals who hope to gain access to an organisation’s network through poorly secured remote devices.
Cyber Crime– To help prevent cyber crime and reduce breaches and hacks all remote workers should complete basic Cyber Security Awareness training which will help keep a remote desktop connection secure. If this isn’t feasible in the short term, then encourage employees to be vigilant with emails paying attention to any offering Coronavirus health advice or information and advocate that they only open email attachments if the source is known and trusted.
In these uncertain times the workplace is virtually unrecognisable, cyber criminals are capitalising on basic human fears related to the virus and we are seeing dramatic increases in security threats as a result. Hopefully by adopting these security tips you can improve your “Enterprise” security posture and ensure that your employees have a secure working environment.
For further info about securely working from home call +44 141 291 5500 or email [email protected]
#remoteworking, #cyber security, #wfh, #FullProxy