5 best practices for secure and productive remote work
Because of the connected world we all live in, remote work is turning out to be more famous! The advantages of telecommuting incorporate getting good-ability, not geography (Field Engineer does this from the very first moment!), Having a more adaptable work schedule, lessening travel time, limiting exposure to the virus, the list goes on!
In any case, these advantages accompany a few risks. You may know a few, however, others are not necessarily so obvious. To keep you protective and productive, and from your sofa, your home office, or your number-one coffeehouse, here are five remote work hazards, followed by mitigation activities:
Malware on user-owned systems
Remote working opens a company to risk from potential malware on worker’s home systems. Consider keyloggers that scratch corporate passwords, as well as potential virus vectors for deworming malware whenever shared drives or workstations are planned to writable shares in the operating system. Remember that while users utilize their home systems to connect with your company’s network, their systems are not dependent upon the same security controls and surveillance as the rest of the network.
What to do: When possible, allocate users organization-owned assets over which security controls can be applied. When user-possessed systems are to be utilized, monitor the systems connected with the VPN for malware-like activity (blacklisted DNS queries, suspicious POST queries, network scan, and so on), and have a process to eliminate these systems from the network. Also, segment telecommuters from the rest of the network as much as the business needs allow. It might also worth considering implementing a Network Access Control (NAC) system for all gadgets that connect to your network.
Which NAC solutions turn out best for a business largely relies upon the specific prerequisites of that business. Notwithstanding, in the cutting-edge digital working environment setting, it is clear that network access control is getting more significant for data security.
Hiding in the Noise
An expansion in VPN/remote access traffic related to an increase in users performing remote work provides the ideal coverage to malicious actors to try to hide in the noise.
Be considerate about
- Password-wiping
- Avoid using regular passwords
- Unapproved VPNs
- Unauthorized accounts
- Do not leave a single chance to exploit your data by outsiders
What to do: Improve your control of remote access efforts at shared ports, particularly those with common passwords and usernames. Remember that usernames can be simply guessed with minimal thinking using social media platforms, a quick Google search, etc.
Phishing, Spam, and Malvertising
Attackers are convenient and advanced in abusing possible victims.
Examples:
- Phishing
- Malvertising
- General spam emails
- Fake low cost or free product advertisements (face masks & hand sanitizers)
- Word documents with virus-macros (Trojan)
- Fake COVID-19 update sites (they probably refer to WHO)
A huge number of Coronavirus/COVID-19 related domains are being enrolled week-after-week and a considerable lot of these recently enlisted sites are associated with fake operations.
What to do: User education is key here. Users should know about the tremendous volume of trap related to Coronavirus and ask them to report to their security team anything they have in their mail drops. Then the team could be able to take care of unauthorized activity from external files, emails, or remote domains. Furthermore, always remember: if it sounds unrealistic, so be it. Try not to click on it.
Uncontrolled Wi-Fi networks
When users access company resources through public network access (café, library), encoded connections in TLS ordinarily limit the amount of data that can be eliminated by wireless connection through snooping, yet TLS is just acceptable to such an extent that your users remember not to lick on bad notification errors and open their traffic to a cunning foe.
What to do: Teach your workers the importance of safe browsing and avoiding unwanted browser clicks. Give users a telephone number they can call if they suspect the connection isn’t secure. Try not to arrest them for introducing a ticket if they may steal from you! Utilize the guideline of minimum privilege and the standard of minimum access for every single remote user. That way, if any account is undermined, you can (ideally) contain the amount of data lost. Furthermore, multifactorial verification is always a smart thought. Everybody in your team – if remote or not- should have this installed on their organization gadgets and accounts.
Device Robbery
Corporate laptops, USB drives, and external hard drives are always taken from vehicles and homes. How secure is your data on corporate systems and external drives?
What to do: Implement data security policies, for example, encryption on every single external drive and corporate laptops. Consider a solution like LoJack for great corporate resources. And there are some security hacker practices to store and retrieve your data in a protected manner.
We wish you protected and productive remote work!