Title : Considerations for a Remote Workforce - II

Posted by : Jonathan Sanchez | 2020-07-10

As the whole world is switching to work from home, we have put together few cyber hygiene practices all companies should implement and practice.

Support Hotline - Non-technical people should not perform technical tasks; this could lead to even greater risk. Call your helpdesk/ tech support team  

VPN - Set up a company VPN and require it to access the office network and resources. And make sure the firewall and infrastructure can handle all the "new" inbound traffic.

MFA - Many times Multi-Factor Authentication (MFA) is enabled but not enforced, so make sure it is enforced for all users and apps. If hardware tokens are too expensive, use an Authentication App on a smartphone rather than 2FA (Text messages). 

WiFi - Wifi must have WPA-2 security and don't publish your SSID / Wifi Name. Never use shared/public Wifi, and if possible, use a wired network, and create a separate network that is dedicated for your work computer from all other devices

Complex Passwords - Do not under any circumstances save your passwords to your browser. Use long and complex pass-phases and don’t reuse them. Use a unique password for your Wifi, Apps, Router, etc...

Keep your device updated - Apply the latest security patches (OS and Apps) and avoid outdated Operating Systems like Windows 7 or XP across both Virtual Desktops and Personal computers.  

Endpoint protection - Use a NextGen anti-virus solution on all remote devices.

Firewall - Make sure the built-in firewall is properly configured and always enabled on remote devices.

Backup - Direct users how and where to back up their data, don’t rely on them to come up with a solution. Preferably an encrypted offline back up.

Encryption - Encrypt files stored on devices. Many options exist for protecting files including encrypting individual files or folders, volumes, and hard drives, and avoid using removable devices such as USB sticks.

 

 Identify which employees are working from home.

  1. Designate your work area
  2. Do not let family or kids use office laptop
  3. Don’t try to solve technical issues yourself
  4. Call and verify request from your colleagues
  5. Don’t email documents to your home printers
  6. Do not use social media apps.