The COVID-19 pandemic is resulting in significant concern and uncertainty in our communities and globally. Many organisations are moving to adopt a remote working approach so as to avoid the chance for transmission between teams and reduce the spread of the disease.
The challenge for organisations is how to stay digitally safe from the kitchen table? What are the common pitfalls to avoid?
Most people will be remote working from their home wi-fi. Occasionally they may be out and about – at a cafe for a change of scene – on a different wi-fi network. Either way, what’s the security of that network like? Are your neighbours using it? Are you even using the network that you thought you were? Use a VPN to encrypt traffic back to your corporate environment. Always use SSL for HTTP endpoints. If you are connecting to AWS, consider using the the AWS Client VPN service. Even if you aren’t using AWS, you could use it to provide a VPN solution for your teams.
As a minimum, check the security of the wi-fi network you are using. Make sure it is at least using WPA2 with a strong password (and not one on a post-it-note on the side of the coffee machine). If in doubt, don’t use it. Use your phone as a hotspot instead.
Not everyone will have access to a corporate device when remote working. What software is installed? Is there anti-malware software installed? Has it been updated recently? All up, there are several considerations to ponder.
If your teams are using a VPN to join the network, you need to care about the state of that device. After all, once on a corporate network what are you now exposed to from that device? Consider how you can allow access? Can you provide access to services such as email without a VPN? Perhaps you can provide access through secure public endpoints instead?
Don’t forget the problem of people leaving business data on endpoints. It’s hardly exclusive to remote working but with more people doing it there are more opportunities for data leakage. Consider using corporate file stores, such as Google Drive or Microsoft OneDrive.
If you really want to provide the corporate experience without the hardware, virtual desktops may be a solution for you. Cloud hosted solutions such as Amazon Workspaces negate the need for expensive hardware and software purchases. They give you control back of the desktop and your business data. In fact, right now, AWS is offering the use of up to 50 Workspaces for free for the next three months!
Phishing and scams
Sadly, there are a queue of people looking to take advantage of the distraction and the change to a new normal. Be on the look out for emails related to COVID-19 especially ones with links or attachments. If they are from unknown and unsolicited sources, delete them and report them to your security team.
Don’t neglect education for your teams, now more than ever.
Treat your home like the office
Just because you are on the kitchen table, doesn’t mean you can forget how you might behave in the office. Block your webcam unless you actually need to use it. Make sure you lock your device when not using it. Importantly, don’t store business data locally. Don’t leave devices or documents unattended and in sight in the car or a cafe (should any still be open!).
Visibility is important
With a distributed workforce, visibility becomes just as important. Do you have visibility of your remote teams? Are you logging sessions and looking for suspicious traffic? How are you ensuring that your security controls are working? You normal patterns of access have changed and the old baseline no longer applies.
Integrate your remote working solution into your existing security monitoring tools. If you don’t have one, now might be a good time to stand one up. One of the Cloud based solutions, such as Sumologic or Rapid7’s InsightIDR will allow you to get up and running quickly. However, don’t forget to set them up so that you are provided with meaningful and actionable alerts. Don’t overload your security team with more false positives in an already stressful time. If you need help, don’t be afraid to ask!
Does your incident response work for remote working?
What happens if you get some kind of security incident? Do you have the tools and the process to investigate and analyse the incident for a remote working endpoint? Test your incident response process and, if necessary, update it to fit the new normal! Obviously, having visibility (see above) is foundational to being aware of an investigating any incident.
Check your passwords
No, it’s not really a security tip but have you ever tried to log on remotely when your password has expired? Try changing it from an unconnected endpoint. It’s not a fun experience! Don’t clog up the already overstretched support staff. If your password is going to expire soon, change it before you head home!
If you are looking for some advice or wandering how you are going to support your remote working teams, get in contact. We have a bunch of experience as we live it everyday and we are ready to help your business survive and even thrive in difficult times.