Working From Home Part 2: Coronavirus and Cyber Security Threats

/ coronavirus / cyber security / home

In the last article in this series, we looked at the collaboration tools available today which aid in us working more efficiently when working remotely.

Maintaining the security of your IT systems and data does not need to depend upon where users are working from. Whether working from home or from the office, layers of security should be in place to protect the organisation from attack. Secure home working can be achieved in a number of ways and very much depends on the organisation’s existing infrastructure and requirements.

In this article, we want to go through some key IT security considerations to review, especially if you’ve suddenly had to move operations to home-working due to the COVID-19 pandemic.

Cyber security, what is it?

We have already seen a slew of phishing emails doing the rounds masquerading as advice on dealing with the pandemic. In these emails, scammers embed links to phishing sites or try to infect your computer with a (computer) virus; almost poetic!

Not only this but all of the other threats out there still exist, from brute force attempts at breaking weak passwords, through to ransomware attacks.

Opening doors on networks to give users remote access, also creates another avenue for attackers to get in so it is crucial that this is done in the right way, with as many mitigations in place as possible to combat the threat.

Your IT Security Policy

It’s time to review your organisation’s IT policy in light of the changing way in which we need to work.

Your IT policy is there to set out the fundamentals of how you use technology in your organisation. It does not have to be a technical document, that detail can be added later, to start with map out how your users need to access and use technology to do their job. This will help to identify any potential threats. Some considerations:

  • How up to date is your employee IT policy document? Does it include remote working and use of personal devices? Unsecured personal devices with access to work accounts are often a weak point
  • Specifics around taking equipment home?
  • Does it include employees unsanctioned use of new software?
  • Is there a process for updating software centrally?

By having an up-to-date a and relevant IT policy, you stand a better chance of avoiding potentially compromising situations, and everyone knows where they stand.

Cloud apps

Services which live outside your organisations firewall are becoming more and more common, and for many good reasons. Most services are now hosted via the Internet rather than a server you own, which is more affordable, scalable and you don’t have to worry about replacing old hardware.

Assessing cloud apps is a potential attack vector into your organisation and your data. Securing your access can be done in a number of ways, such as linking your access account to a Single Sign-on (SSO) identity provider, and more simply using a combination of a complex password, a password vault such as LastPass or 1Password and crucially multi-factor authentication (MFA).

Access to cloud apps should be controlled centrally in the organisation, so joiners and leavers access can be amended as required.

Remote Worker Security Gateway

Creating a perimeter around your IT with the help of a firewall remains one of the most effective ways of mitigating security threats. This is often achieved by a installing a ‘security appliance’, which is usually a hardware firewall subscribed to a service which updates your firewall with new threat definitions actively protecting your network. Vendors such as Cisco Meraki offer home working solutions called ‘teleworker gateways’ which securely link back to the office network and its resources. These boxes conveniently provide corporate WiFi and ethernet ports and will even power a VoIP handset.

Remote Desktop Server

A remote desktop server offers a full Windows 10 environment for users to connect to via an application on an existing computer (Mac or PC) or via dedicated hardware. As the environment and data is hosted somewhere other than the device the user is accessing it from, strong security measures can be put in place server-side to protect the organisation.

Remote desktop services are often employed by organisations wishing to cut the costs of replacing workstation computers, as the work is done on the server. As a result the workstation itself no longer needs to be highly specified, therefore reducing cost.

Benefits:

  • Limited configuration and specification requirements on end user devices
  • Anti-virus, logging and restrictions can be imposed to the environment without encroaching on the end user device; particularly useful if it is a personal computer
  • Data remains on the server, so backups are taken care of and there is no worry that company data won’t spill over onto the users personal computer

VPN

If you need easy to access resources on your office network such as a file server, a VPN is go-to solution. A VPN requires a hole in your perimeter firewall (usually your router) to be opened up so traffic can pass through. A secure ‘tunnel’ is then established between the remote computer and the network. Securing this is vitally important, as opening up VPN ports on your firewall exposes the network to attack.

Luckily there are some great ways in which this can be secured.

Securing your VPN

Authenticate the user - Utilising multi-factor authentication (MFA) is often a great method. In practice, anyone wishing to access the network has to provide a code. As long as the user has their code and the VPN connection settings, they can access the network from any device.

Authenticate the device - If you wish to limit which devices your users can access the network from, binding your devices to a mobile device manager (MDM) drastically reduces the chances of a malicious party being about to access your network. In this model, all of the PCs, Macs, iOS and Android devices are listed on a pre-authenticated list. If the device isn’t on the list, it won’t be permitted access to the network.

Check List:

  1. Assess the threats to your organisation from a very high level. What potential risks are there for your particular organisation with how you work? Work with IT to determine if there more secure ways of achieving the same things
  2. Review your IT policy and update it with any new ways of working, make sure this is then distributed and explained to employees
  3. Identify the method(s) in which you remotely connect to your office and check with IT to make sure all possible mitigations have been put in place
  4. Identify all the cloud apps in use by your organisation. How is access controlled? Is this centrally managed? Are strong passwords and MFA enforced?

Remote working offers maximum flexibility to organisations and employees and can save money on rent and increase personal wellbeing. The lasting effects of this pandemic on our society may not all be bad, and new types of working can be adopted for everyone’s benefit. If you’d like assistance or advice around anything in this article then please get in touch.