Remote Working Safety and Security
The coronavirus (Covid-19) outbreak has forced many office employees to remain at home. In this article we are going to discuss what you should do to be cautious so that both you and your employer stays protected. As employers and employees worldwide are pushed into remote work for the foreseeable future, leadership is paying renewed attention to issues of productivity, connectivity, and reliability. Some companies have hundreds or thousands of people who would normally be used to come into the office are now working from home for an indefinite period, the security landscape has changed.
Understanding the Remote Work Threats:
The remote working model could include everything from a leaky home Wi-Fi network to highly targeted phishing campaigns with far greater distraction among end users. (None of us can really be blamed for the latter, either.) Take your pick from among countless surveys and reports that paint a long-ugly picture of router security e.g. default passwords still in place, old firmware, you name it.
- Organized cybercriminals who could exploit the use of personal devices with fewer security measures/controls in place. Bad actors have a higher probability of gaining unauthorized access to corporate services and resources as a result.
- Fraudsters who could leverage the COVID-19 outbreak to exploit workers who are not used to working on personal and or mobile devices.
- Reckless, distracted, disgruntled users who might not be used to remote working and could generate issues with accidental sensitive data exposure, mistakes in file sharing, and so forth.
- Hacktivists who have ramped up phishing attacks to capitalize on the increased number of end users are now more exposed to the Internet, where they can more easily be targeted.
- State actors who aim to target remote workers from governmental and other critical infrastructure entities who now have access to restricted resources from home.
Narrow your exposure as much as possible:
Multi-factor authentication is table stakes, we advise some other key steps for narrowing your exposure in this new paradigm, too.
Ensure that all remotely accessible services require multi-factor authentication, whether that’s for VPN access, email access or for software applications and web services. Ensure that all physical assets (laptops, mobile devices) assigned to employees are full-disk encrypted and protected at the hardware level through firmware security and Trusted Platform Modules (TPMs). With more devices in motion and in transit, the likelihood of loss through theft or misplaced devices increases, especially in logistically challenging times as we’re living in.
- Endpoint detection and response solutions.
- Encrypted communications via VPN.
- Enhanced identity and access management (IAM) protocols (like multi-factor authentication).
- Continuous network monitoring and the application of least-privilege/need-to-know principles.
- Advanced email, instant messaging, and browsing protection.
- User security awareness training.
Clarity is proud to have been providing Cloud Infrastructure Services to North America as well as several remote working platforms for many years. With the addition of our Dotmantech division and an extensive team of developers, we will continue to surpass expectations.
Call Clarity at 800-354-4160 today or email us at [email protected]. We are partnered internationally around the globe and we are open seven days a week 8:30 AM to 5:00 PM EST/EDT. https://claritytg.com and https://dotmantech.com.