Remote Working and Network Security
Remote working poses unique risks to the corporate network. Be sure your remote workstations are properly secured and protected from cyber attacks. Cybercriminals are extremely active in this space and business owners are learning this too late. We have resources to help you.
Businesses large and small are finding ways to reduce office expenses by utilizing shared in-office work spaces and at-home workstations.
There's a Lot at Risk
One cyberattack can wipe out your company. Your clients. Your reputation.
Remote working requires specific security and work-from-anywhere protocols. Be aware that most home networks are not secured.
We care about your security and know that money is tight. We’ve put together a free business guide, “8 Security Threats for Remote Workstations,” that covers some of the most vulnerable areas. This guide will help you tighten security now.
Why does remote working pose a high risk to corporate networks?
Personal devices used for work
Company VPN’s insecurely used at home
Weak firewalls and outdated software
Increased phishing attacks
Cyberattacks are on the rise and cyber-criminals are on track for a banner year. Phishing attacks alone have increased 600% since the beginning of the COVID-19 pandemic, and are responsible for more than 90% of reported data breaches.
As of July, 2020, 16 billion records have been exposed, up roughly 400% from the same period in 2019
The majority of home networks are not secured. Cyber-criminals are well aware of this and are infiltrating company networks at alarming rates.
A visit to the Cyber Savvy Cafe is like a really great coffee break discussing topics of interest with your friends at work: New tech, IoT devices, cyber training, remote workstations, streamlining IT for efficiency, and more.
Short, 20-minute episodes every Wednesday. Add us to your morning playlist!
Ssn 1 Ep 8: Remote Workstations–Closing the Open Door
Remote workstations are here to stay, but lax home network security is putting corporate networks at risk. Here are some steps to help secure your network and close the doors to a cyber breach.
Get your copy of the free guide mentioned in the show, “8 Security Threats for Remote Workstations: How You Can Mitigate Your Risk.”
Why Remote Workstations Put You at Risk of a CyberBreach
Show Notes for Ssn 1 Ep 8
- Remote workstations pose specific risks and require additional security measures, staff training, and work-from-home protocols to keep the corporate network secure.
- Many companies have not yet set aside time and resources to set up secure workstations, company devices, and protocols for remote employees.
- Employees working remotely are more vulnerable to falling prey to phishing emails and other scams, potentially giving cybercriminals direct access to the corporate network.
What do employers need to do to secure their employees’ remote workstations and protect company data?
- Company Device
- When possible, a company-issued laptop is the safest workstation:
- A foundational caveat for using a company laptop: DO NOT USE FOR ANY PERSONAL USE.
- There are times when a personal device is being used at work, and those need special protocols.
- Public Wi-Fi
- All public Wi-Fi should be considered unsafe, and untrusted.
- We’ll be covering this in-depth in Ssn 1 Ep 9: Spies at the Coffee Shop
- Accessing Company Resources and VPNs
- Users will probably need to access resources that are in their corporate offices.
- Employers have the ability to implement a sophisticated VPN from an untrusted workstation back to the corporate network, allowing that user access to specific resources from restricted channels.
- Passwords and Two-Factor Authentication
- Turn off autocomplete, and any saved passwords.
- Better solution: Use a password management app, like LastPass.
- Follow current industry recommendations for secure, unique passwords. (LastPass will generate secure passwords for you!)
- Enabling multi-factor authentication is an easy way to tighten security and should be used for all accounts.
- Check out Ep 5, Password Secrets and the Book of Codes for a deeper discussion of this topic.
- Use firewalls for personal networks. Always have your provider firewall enabled, like Windows. Depending on how many devices you have on your home network, you should go even deeper than an anti-virus like Webroot.
- Don’t rely on your ISP access point or anything it provides. Go out and buy your own security device or firewall and plug it into theirs–and then keep it updated. Some recommendations:
- Sonicwall Tz105 UTM
- Cisco RV110W
- Ubiquity UniFi USG
- Get a hardware firewall hooked up that allows you to create virtual networks. Put your primary computer on one, and IOT devices on a separate network with no access to the computer in case an IOT device gets compromised.
- Listen to: Ep 4 IoT Devices and Network Security for more on this topic.
- Phishing emails
- Phishing is the #1 way of getting inside your network.
- Check out our back episodes on phishing, #2 and #3, and Ep 7: The Perimeter is Dead, for more information.
- Don’t open PDFs, Word docs, images, or any attachments that come in an email without first verifying with the sender.
- Beware of Bogus Websites, Apps
- Phishing emails and bogus websites centered around information about current events can crop up by the thousands (e.g. apps with global tracking maps during the pandemic containing spyware and malware.).
- Do not seek information from untrusted sources. Doing so can compromise your device and the company network.
- Personal Devices
- An employee’s personal device can be managed through a Bring Your Own Device policy
- Use a VPN when connecting remotely, or use Microsoft’s cloud offering.
- Best Practice: Use Microsoft Windows Virtual Desktop in the cloud.
- Using your personal phone or tablet to check work emails, files, etc. is a big NO when working from home.
- In the event an employee’s device is infected with malware, spyware, etc., Mobile Device Management sets up a “business space” and will keep that area separated and protected from the rest of the items on the device.
Your hosts: Rex Nance and Penny O’Halloran of East Atlantic Security, LLC @ https://eastatlanticcecurity.com
Voiceover Artist: Paul Kadach at www.voices.com
Cyber Awareness Training and Support
Cyber awareness training and support is a vital element in securing remote workstations: user protocols, company policies, phishing simulations and ongoing support
Why is cyber awareness training so critical?
Your team is the gatekeeper to your network
Phishing attacks account for more than 90% of reported data breaches.
30% of phishing emails get opened by the intended user.
More than 3 billion phishing emails are sent every day.
Phishing attacks, insecure passwords, and unsafe user protocols can open a back door straight into your network. Cyber awareness training and staff support play a critical role in network security, especially where remote workstations are involved.
East Atlantic Security keeps your staff up-to-date with current threats through extensive, ongoing cyber awareness training, phishing simulations, and supplemental training.
There is no advanced warning of a cyberattack
Take time now to secure your remote workstations and close the backdoor to your network.