To help those looking for a way to securely connect their workforce from home, we’re offering our SOC2 secure remote solution at no cost. Please send us a message so we can extend our support.
The year 2020 has already been eventful – too eventful for many of us. As if there weren’t enough worries in the world, we’re all dealing with a global pandemic, COVID-19. If there’s a silver lining, it’s that we’ve seen communities come together, helping their neighbors and ensuring their families are safe.
At Xamin, we are working to help our friends, clients, partners, and colleagues during these challenging times. The remote workforce, both domestically and globally, has expanded exponentially over the past few weeks.
Many have prepared for scenarios like this through business continuity planning and disaster recovery testing. Still, others are struggling to scale-up their remote work infrastructure to handle the influx of users requiring this connectivity.
As more users connect to their systems remotely, the attack surface for potential bad actors and malicious software expands. To ensure your IT staff and remote workforce can help mitigate risk, we recommend following these tips and suggestions:
1. Heighten Awareness and Education for Employees on the Increased Potential for Phishing and Ransomware Attacks
An unfortunate reality of the world is hackers weaponize the public’s fear to gain access to an organization’s network resources. This is especially true during the COVID-19 pandemic; hackers are sending emails with malicious attachments and links to fraudulent websites in large volumes.
Some phishing attempts try to trick employees into donating to charities or causes benefiting the people affected by the pandemic. Be cautious when receiving emails related to COVID-19 in the subject line, in an attachment, or through a hyperlink.
2. Audit All Current Virtual Private Network (VPN), or Remote Access Method, Infrastructures and Accounts
Review the current VPN infrastructure to ensure firewalls and appliances have updated firmware, and patch any remote desktop or Citrix servers. Remote access accounts should be reviewed, confirming only users who need access have it, and users have the least privilege access to network resources.
Enable audit logging for all remote access solutions. The remote access solution appliances and software need to be fully patched and updated; the dangers of distributed denial-of-service (DDoS) attacks and others like it increase due to the significant growth of remote users.
3. Enable Multifactor Authentication for Any Services or Applications That Allow It
If you have not enabled multifactor authentication (MFA) for cloud or SaaS services, now is the time to do so. Hosted exchange services through cloud providers such as Microsoft’s Office 365 are common.
Enabling this functionality in the cloud and for any other software that’s accessible outside of the network, should be a priority. If time permits, adding MFA to the primary remote access tool, such as VPN or Citrix VDI, should also be protected by a dual-factor authentication solution such as RSA or DUO.
4. Ensure Company-Owned Systems Accessing the Network Are Patched
Make sure any company-owned systems provided to staff for remote access receive updates with any operating system and security patches. This also applies to antivirus and antimalware software, ensuring they have the latest application and definition updates.
5. Enable the Local Firewall on Workstations and Laptops
Some internal policies will disable the local Windows firewall on company workstations and laptops. Before these laptops leave the facility, be sure to update the local policy on these machines to enable the firewall.
6. Ensure Home Networks Are Secured with Encryption and Strong Passwords
While businesses and their IT partners are unable to enforce network policies outside of their facilities, organizations should recommend that employees check their home wireless networks for a strong password. If they’re using wireless routers provided by their local internet provider, employees should update their network password to a more secure password than the default.
7. Ensure Home Network Devices and Personal Computers Connected to the Home Network Are Patched
Another recommendation for staff is to update their home router with any available firmware. These firmware updates patch potential security holes and help keep the home network protected. Since employees will most likely have other devices connected to their home network, companies should also recommend operating system updates to these devices.
While this sudden transition to a primarily remote workforce can make any business uneasy, being prepared is a good start to securing your remote workforce. These tips and recommendations can help alleviate some of the concerns of many highly regulated and reputation sensitive companies.
Xamin understands the struggles many of you are going through, and we’d like to offer some technical assistance. If your organization is struggling to find or deploy a secure remote access solution quickly, we’re currently offering a secure solution at no cost — please connect with us to learn more about how may be able to help!