Given the climate we’ve been in for the majority of 2020 security is more important than ever when it comes to Infosec/IT. Seeing as employees may be working from home or outside networks is more important than ever to practice implement certain measures to help secure your employees & your company data. Here are some ways we at Network Right recommend & help implement across our clientele in these remote times.
VPN (Virtual Private Networking)-
One of the most common ways of protecting your employees at home is to implement some sort of VPN. A VPN helps encrypt your employee’s data across the internet & secure all information that’s transferred. This setup can be as simple as looking to integrate a solution such as OpenVPN or NordVPN for your team to help encrypt their traffic or going as far as implementing a full hardware/onsite equipment at the network level to have your employees connect just as if they were at the office. Enforcing certain rules such as only being able to access certain company resources or files while on said VPN.
A VPN is useful across many spectrums, it encrypts traffic end to end ensuring all work they do is secured whether they’re on public or home wi-fi. Given the amount of data we’re sending nowadays as well as the increased work from home, the internet as a resource is one that’s become very essential. How your employees connect & send data over the said connection is equally as important & why you may want to consider some level of VPN setup.
Mobile Device Management-
Commonly referred to as an MDM this tool comes in handy in a multitude of ways when it comes to protecting your employees. Not only does it let you track assets & push out updates/apps but it also lets you remote wipe computers in the event they’re lost or stolen.
This is important because given the remote climate laptops may be more vulnerable to accidental damage or even theft. Ensuring your team has an MDM in place allows IT to remotely wipe the machine or even go as far as to track it. Popular MDM’s like JAMF for Mac or InTune for Windows allows all sorts of controls over your companies fleet of machines & is an investment worthwhile from productivity to security in this remote climate.
A security measure we commonly put in place for our clients is 2FA or some level of multi-factor authentication. This feature ensures that there are at least two methods of verification when logging into an account. So for example outside of entering your companies email password, you would be prompted for a code that’s texted to your phone. This creates a second step to login into the account, so in the event, someone compromised your password to a critical login there’s a backup. 2FA is flexible & can be triggered for example only when you log into an account for the first time on a new device or a different location.
While it may not be as common in a work from home setting you can invest in physical security procedures to help your remote workforce stay safe & protect their hardware. While some of these implementations may be over the top for certain setups we understand that different companies have certain data protection policies in place & protecting that asset is a top priority. So here are some methods to do just that.
Physical protection is often overlooked however with the remote climate & work from home, accidents can be more common. So investing in some cases for your employees to physically protect their machine from drops, spills, and so on goes a long way.
Physical multi-factor authentication
Some of our clients require further data protection policies & sometimes physical factor devices are what is required for certain setups. Products like the “YubiKey” are great for ensuring users are who they say they are & in the event, someone gains even physical access to the laptop that a second physical key is required to gain access.
Thus why now more than ever as employees are a mix of work or personal machines, accessing accounts on home networks, and from a nontypical location, 2FA is vital to securing account access. Ensuring outside parties can’t get in even with access to a user’s password or account off the bat.
Phishing/Spam Education & Protection-
With the remote workforce at an all-time unfortunately so are scams. Nefarious parties trying to get people to log in to fake portals, compromise sensitive data, or just outright gain access to company hardware all amidst these work from home times. This is why it’s important for you to keep your employees up to date & remind them of proper phishing/spam hygiene. Sending out information & resources to ensure they avoid said scams they may get via e-mails and what not while working from home.
Tips such as:
Verify email source (Double checking the “From” field)
Be wary of emails asking for any sensitive info or logins (Especially unwarranted password resets)
IT teams can ensure proper spam filtering & phishing rules are in place to prevent domain spoofing, email address look-alikes, and so on (We at Network Right specialize in this across platforms such as G-Suite & O365!)
Asking users to report said spam/phishing attempts to help improve email algorithms & flag domains/senders to block & so on
As time goes on in this work from the home state, there will always unfortunately be those trying to exploit said times. So doing your best to keep your team informed & aware is a key step!
On that same token ensuring not just the physical but digital aspect of your employee’s machines is protected is vital. While we may not always be able to control the environment in which an employee connects to a secured network or user behavior we can help prevent attacks through Anti-Virus or Endpoint management deployment. Deploying anti-virus/malware software like Sophos, Malware Bytes, and many others allow us to remotely scan assets & ensure no nefarious programs or software has infected the systems. It also helps prevent users from accidentally getting exposed to scams or malicious downloads. Remote or not it’s a good practice to deploy some form of endpoint protection to your fleet & there’s no better time than now to ensure company data is protected at the digital level.
At the end of the day, everyone has different living situations. That said though the climate we’re in may not be optimal, it doesn’t mean there aren’t things we can do to help protect our employees & the companies data. Whether it be a home network or users on personal devices there are always ways to help secure & make it a safer & seamless experience for your workforce in these already difficult times. These are just some of the many steps you can take to further protect your remote workforce. At Network Right we help ensure our clients & their team are secure & safe amidst this work-from-home period. As in keeping them safe, we help protect the company’s valuable assets & allow them to continue their work efficiently.
Reach out today if you are interested in implementing any or all of the above at your company today to help everyone be more safe & secure in these already difficult work-from-home times.