In effort to help those who are still looking for a way to securely connect their workforce from home, we are offering our SOC2 secure remote solution at no cost — please send us a message so we can extend our support.
The year 2020 has already been eventful – too eventful for many of us. As if there weren’t enough worries in the world, we’re all in the midst of dealing with a global pandemic, COVID-19. However, if there’s a silver lining, it’s that when society is faced with the worst, we have seen communities come together, offering help to their neighbors and taking action to ensure their families are safe.
At Xamin, we are working to help our friends, clients, partners and colleagues during these challenging times. The remote workforce, both domestically and globally, has expanded exponentially over the past few weeks.
While many have prepared for scenarios such as this through business continuity planning and disaster recovery testing, others are struggling with enacting plans to scale-up their remote work infrastructure to handle the influx of users requiring this connectivity.
As more and more users connect to their systems remotely, the attack surface for potential bad actors and malicious software continues to expand. To ensure your IT staff and remote workforce can help mitigate risk, we recommend following these tips and suggestions:
1. Heighten Awareness and Education for Employees on the Increased Potential for Phishing and Ransomware Attacks
An unfortunate reality of the world we live in is bad actors weaponize the public’s fear to gain access to an organization’s network resources. This is especially true during the current COVID-19 pandemic as emails with malicious attachments and links to fraudulent websites are being sent in large volumes.
Some of these phishing attempts try to trick employees into donating to charities or causes benefiting the people affected by the pandemic. Be cautious when receiving emails related to COVID-19 in the subject line, in an attachment or through a hyperlink.
2. Audit All Current Virtual Private Network (VPN), or Remote Access Method, Infrastructures and Accounts
Review the current VPN infrastructure to ensure firewalls and appliances have updated firmware and any remote desktop or Citrix servers are fully patched. Remote access accounts should be reviewed, confirming only users who need access have it and users are provided least privilege access to network resources.
Audit logging should also be enabled for all remote access solutions. It’s critical the remote access solution appliances and software are fully patched and updated as the dangers of distributed denial-of-service (DDoS) attacks and others like it increase due to the large growth of remote users.
3. Enable Multifactor Authentication for Any Services or Applications That Allow It
If multifactor authentication (MFA) isn’t already enabled for cloud or SaaS services, now is the time to do so. Hosted exchange services through cloud providers such as Microsoft’s Office 365 are very common.
Enabling this functionality in the cloud and for any other software that’s accessible outside of the network, should be a priority. If time permits, adding MFA to the primary remote access tool, such as VPN or Citrix VDI, should also be protected by a dual-factor authentication solution such as RSA or DUO.
4. Ensure Company-Owned Systems Accessing the Network Are Patched
Making sure any company-owned systems being provided to staff for remote access are completely updated with any operating system and security patches. This also applies to antivirus and antimalware software, ensuing they have the latest application and definition updates.
5. Enable the Local Firewall on Workstations and Laptops
Some internal policies will disable the local Windows firewall on company workstations and laptops. Before these laptops leave the facility, be sure to update the local policy on these machines to enable the firewall.
6. Ensure Home Networks Are Secured with Encryption and Strong Passwords
While businesses and their IT partners won’t be able to enforce network policies outside of their facilities, organizations should recommend that employees check their home wireless networks for a strong password. If they are using wireless routers provided by their local internet provider, the employee should update their network password to a strong password than the default.
7. Ensure Home Network Devices and Personal Computers Connected to the Home Network Are Patched
Another recommendation for staff is to update their home router with any available firmware. These firmware updates patch potential security holes and help keep the home network protected. Since employees will most likely have other devices connected to their home network, companies should also recommend operating system updates to these devices.
While this sudden transition to a primarily remote workforce can make any business uneasy, being prepared is a good start to securing your remote workforce. These tips and recommendations can help alleviate some of the concerns of many highly regulated and reputation sensitive companies.
Xamin understands the struggles many of you are going through and we’d also like to offer some technical assistance. If your organization is struggling to find or deploy a secure remote access solution in a timely manner, we’re currently offering a secure solution at no cost — please connect with us to learn more about how may be able to help!