Cyber Security and Working From Home
While some employees are familiar with working from home and their employer has policies and procedures in place, the current climate has made remote working a necessity for many businesses to continue to operate. This brings a new set of dangers to the employer as they struggle to get their workforce connected. With this increased take-up, companies must ensure they maintain data security and continue to comply with GDPR.
Here are some recommendations:
Using company hardware is one of the most important elements when home working. Companies need to determine from the very beginning if they will provide laptops for their workforce or if the remote worker will use their device (BYOD). Although it may be cost-effective to adopt a BYOD policy, there is a great deal of risk involved if security procedures and policy are not enforced.
All company-owned hardware would normally have approved software and licensed applications installed. These include but are not limited to disk drive encryption, managed antivirus, additional firewall and security settings and managed security updates. If a company allows an employee to use their personal computer, they must ensure the devices poses no threat to the company’s infrastructure.
Remote workers need reliable access to work effectively. If your filing system is on-premise, the best way to achieve this is by using a VPN gateway coupled with Remote Desktop access. This will provide a secure encrypted tunnel through the Internet to your company network. The Remote Desktop application then allows your employees to access their desk computers as if they were in the office.
Using Remote Desktop helps stop data leakage by preventing the transfer of company data to the employee’s personal devices.
Your company’s VPN solution should be monitored for unusual/suspicious activity and must be kept up to date by the timely installation of security patches and upgrades to gateways, VPN servers and your remote clients.
Remote access and login credentials to cloud services can be further protected by using MFA. The process works by asking for additional authentication after the user password has been entered. This can be provided by SecurID key, smartphone apps and text messages to registered phone numbers. With MFA, employee’s login credentials are much harder for hackers to exploit.
The demand for remote working has seen a huge increase in the use of video-conferencing, chat and collaboration platforms (such as Microsoft teams). Security is obviously critical when considering the likely sensitive, confidential and / or valuable information that will be shared on these platforms. Seek advice before committing to a particular platform.
All remote workers should only have the minimum access rights assigned to give them access to the network, services and files needed to perform their duties. Excessive access privileges can be exploited by malicious actors to gain a foothold in the organisation. Administrator access should never be granted on company computers unless the user is part of the infrastructure management team.
Installing Security Patches
New security patches must be installed as soon as possible after release. Servers, computers and laptops are potentially vulnerable to malicious exploits if security updates are allowed to lapse. Automatic installation of security patches should be made available to all remote computers.
Your IT department should be able to monitor the health and security status of your remote assets. This will enable reporting of antivirus updates, installation of security patches and general system health. By monitoring your IT assets, you can identify potential issues before they can impact the business.
Your IT department should assist in security training and awareness. Home workers can be more vulnerable to phishing and malware delivered over email or compromised websites. Your employees should be able to contact IT support if they suspect malicious activity.
Traditional penetration testing will provide a snapshot of your security status at the time of testing. With the ever-changing threat landscape and new vulnerabilities, consider next-generation penetration testing solutions that are able to continuously monitor your defences and provide on demand scanning and reporting.
Email is the most common and successful attack vector employed by hackers. The number of phishing attempts is on the rise and employees need to understand the warning signs. Your email infrastructure should be protected by DMARC, malware and phishing filters to help prevent delivery of these nefarious messages. But unfortunately, these security measures are not 100% reliable. Malicious emails will usually contain the following warning signs:
- The subject or content contains a sense of urgency or time limit.
- The email is poorly written.
- The sender is unknown to you or does not look genuine.
- The email asks you to confirm personal information.
- The email requires you to click on links to access a document.
- The email contains suspicious attachments.
If in doubt, contact your IT department who should be able to validate the message and may also run training to raise awareness of these types of attacks and help prevent them from occurring.
It is important to maintain secure system backups for your on-premise and cloud-based applications and data. An effective backup solution and retention policy will protect your company data from accidental loss, hardware failure and cyber attacks.
This article is provided for general information only and is not intended to be nor should it be relied upon as legal advice in relation to any particular matter. If you would like more information on any points raised above please contact Steve Morgan at email@example.com