remote worker

Securing your business’ remote workforce from the latest threat trends

With novel coronavirus (COVID-19) creating more demand for companies to facilitate remote work capabilities for employees, security must be carefully managed. A number of new threat trends are specifically targeting remote workers, including phishing, malware, directed attacks on home networks and more. We have compiled this list of best practices and configurations to avoid to assist your company in managing its remote workforce and maximizing security resilience as a follow-up to our article about preparing your business for remote work. In addition, please review our cybersecurity presentation for SMBs: risks, trends and best practices.

Best remote work practices:

  • For workers that must connect to on-premises resources, such as servers, utilize securely configured VPNs with strong encryption and authentication credentials.
  • Ensure that home workers, wherever possible, use a wired rather than wireless connection to maximize the security, bandwidth and stability of their connection.
  • If wireless is necessary, ensure that the AP or router has the latest firmware and that their equipment has the latest wireless drivers to mitigate the “kr00k” attack vector and other vulnerabilities.
  • Commercial grade endpoint protection to secure machines from attack is ever more important when working in a less secure environment, such as a home network, shared workplace or otherwise.
  • Ensure all workers are able to use multi-factor authentication for as many business accounts as possible. Recommend using an app such as Authy to facilitate that.
  • Because more communications will be by email and other text channels, encourage all workers to authorize any requests, such as money transfers, access, sharing of other information by phone to mitigate phishing and social engineering risks.
  • Have a local and remote backup solution in place with a generous retention policy, encrypted backups and if possible, some level of ransomware detection and mitigation.
  • If workers are storing data on their machines rather than a cloud-driven solution or remote server, migrate to a cloud-driven central data storage and file sharing solution to enhance productivity.
  • Encourage workers to have wifi hot spots pre-configured that they can enable on their phones in case there are Internet access disruptions.
  • Provide a company contact list with everyone’s email address, phone number and, where applicable, instant messaging so that there are multiple channels of communication available at everyone’s fingertips.
  • Where possible, segment networks, so that workers are on a separate network than other shared devices.
  • Ensure that all the latest security patches are regularly installed for devices, such as Windows updates, MacOS updates, Android and iOS updates.
  • So that IT is able to help remote workers if they run in to problems, have a remote screen sharing / desktop access system in place in advance of sending workers to work from home and test it.
  • If on-premises equipment is important for remote access, ensure that they have ample backup power in case of any interruptions in the form of UPS battery backup. Replace batteries that are older than 2-3 years.
  • Require passwords on all systems, whether phones, tablets or computers.
  • Where sensitive data is being handled, consider upgrading the firewall of your remote workers to a solution that supports intrusion detection and prevention, DNS and IP blacklisting, GeoIP fencing as well as stronger packet inspection capabilities.

Remote work practices to avoid:

  • Do *NOT* use port forwarding to give workers remote access to resources, such as RDP, VNC, file sharing, or otherwise.
  • Avoid the usage of outdated solutions, such as VPNs on routers with outdated firmware that hasn’t patched the latest security issues or where only outdated and vulnerable encryption is available.
  • Communications pertaining to COVID-19 from untrusted sources are likely to be phishing or malware. Do not open any such communications, whether an email, attachment/download, link, instant or text message.
  • Avoid sending any sensitive information over email (or text messages) unless strong encryption (stronger than a password protected Microsoft Office document, for example) is in place. Otherwise it may be compromised.

If your company needs help managing its workforce and a transition to more remote work, please reach out. We can help.

Posted in cybersecurity, Malware, risk management, small business, telework.