Experts from the National Cyber Security Centre have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit COVID-19. With many businesses now forced to send their workforce home to work, many business owners face an unfamiliar situation.
The complexity of invoking a working-from-home policy will understandably vary with the size of your business and the number of employees you have. That said, there are a few things you should consider, whatever your situation, to ensure you and your business remain secure while allowing your staff to remain productive.
Secure your home network
Ideally you should use a company-issued PC, most likely a laptop. However, during a crisis this may not always be possible, especially at such short notice, and personal laptops may have to suffice.
The first thing to do is make sure all devices on your home network adhere to a strict compliance policy. Ensure personal laptops and desktops are running Windows 10, have the latest security patches installed and have anti-malware software, and set the anti-malware software to perform daily scans.
Ideally you should install advanced endpoint software on any personal laptops – this will detect unusual behaviour.
Whilst staff are using company laptops, ensure that all updates and scans are still active for Windows patches and anti-malware.
BitLocker – Windows Users
If employees are taking company laptops off the business premises, then you should activate BitLocker (BitLocker is a feature of Windows; there are alternatives for Mac users).
If you are using a Windows device, you can activate the BitLocker application which will encrypt entire volumes on the device. BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.
Make sure to record the encryption key – if you lose it you won’t be able to access the data.
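A read-only check of the points above (recent patches, anti-malware with daily scans, BitLocker switched on with a key available to record), given here as an added PowerShell example that is not part of the original article. It assumes Microsoft Defender is the anti-malware product and a Windows edition that ships the BitLocker cmdlets; the function name `Get-HomeWorkerCompliance` and both thresholds are hypothetical.

```powershell
# Added example: read-only compliance report for one Windows laptop.
# Run from an elevated PowerShell prompt. Thresholds are assumed policy values.
$MaxPatchAgeDays = 35   # assumption: at least one update in the last ~month
$MaxScanAgeDays  = 1    # the article asks for daily anti-malware scans

function Get-HomeWorkerCompliance {   # hypothetical helper name
    $issues = [System.Collections.Generic.List[string]]::new()

    # 1. Patching: date of the most recently installed update.
    $last = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $last -or $last.InstalledOn -lt (Get-Date).AddDays(-$MaxPatchAgeDays)) {
        $issues.Add("No Windows update installed in the last $MaxPatchAgeDays days")
    }

    # 2. Anti-malware: Microsoft Defender state, signature age and last scan.
    $mp = Get-MpComputerStatus
    if (-not $mp.RealTimeProtectionEnabled) { $issues.Add('Defender real-time protection is off') }
    if ($mp.AntivirusSignatureAge -gt 1) {
        $issues.Add("Defender signatures are $($mp.AntivirusSignatureAge) days old")
    }
    if ([Math]::Min($mp.QuickScanAge, $mp.FullScanAge) -gt $MaxScanAgeDays) {
        $issues.Add("No anti-malware scan completed in the last $MaxScanAgeDays day(s)")
    }

    # 3. Disk encryption: OS volume protected, and a recovery password exists
    #    so the data stays reachable if the normal unlock method fails.
    $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
    if ($vol.ProtectionStatus -ne 'On') {
        $issues.Add("BitLocker protection is not on for $env:SystemDrive")
    }
    $recovery = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
    if ($recovery.Count -eq 0) {
        $issues.Add('No BitLocker recovery password protector: nothing to record or escrow')
    }

    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Compliant = ($issues.Count -eq 0)
        Issues    = $issues
    }
}

Get-HomeWorkerCompliance | Format-List
```

The script changes nothing on the machine; it only reports, so it can be run on personal devices before they are allowed to connect.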
Advanced Email Security
Email is a high-risk target for most organisations right now.
Whether you run a business, charity or an educational establishment, it is recommended that you use an e-mail filtering service that scans all e-mails for threats such as malware, phishing or impersonation. It’s especially important to scan attachments if your staff are using their own devices.
Ensure your DNS records are up to date. Correctly configured SPF and DMARC records can stop spoofing of your organisation's e-mail domain.
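What "correctly configured" means for the two records, shown as an added PowerShell example that is not part of the original article: it parses SPF and DMARC TXT strings and flags settings that publish a record without asking receivers to act on spoofed mail. The records are constructed samples for the placeholder domain example.com, and the function names are hypothetical.

```powershell
# Added example. All records are constructed samples for the placeholder
# domain example.com. On a live system, fetch them with
# Resolve-DnsName -Type TXT for example.com and _dmarc.example.com.
function Test-SpfRecord {            # hypothetical helper name
    param([string[]]$Txt)
    $spf = @($Txt | Where-Object { $_ -match '^v=spf1(\s|$)' })
    if ($spf.Count -ne 1) { return "FAIL: expected one SPF record, found $($spf.Count)" }
    # The first "all" mechanism decides what happens to senders not listed before it.
    $all = @($spf[0] -split '\s+' | Where-Object { $_ -match '^[-~?+]?all$' })
    if ($all.Count -eq 0) {
        if ($spf[0] -match '\bredirect=') { return 'INFO: policy delegated via redirect=' }
        return 'WARN: no "all" mechanism, unlisted senders are treated as neutral'
    }
    if ($all[0] -eq '-all') { return 'OK: unlisted senders fail (-all)' }
    if ($all[0] -eq '~all') { return 'WARN: unlisted senders only softfail (~all)' }
    if ($all[0] -eq '?all') { return 'WARN: unlisted senders are neutral (?all)' }
    return 'FAIL: +all authorises every sender'
}

function Test-DmarcRecord {          # hypothetical helper name
    param([string[]]$Txt)
    $rec = @($Txt | Where-Object { $_ -match '^v=DMARC1\s*(;|$)' })
    if ($rec.Count -ne 1) { return "FAIL: expected one DMARC record, found $($rec.Count)" }
    $tags = @{}
    foreach ($pair in ($rec[0] -split ';')) {      # tag=value pairs
        $k, $v = $pair -split '=', 2
        if ($v) { $tags[$k.Trim().ToLower()] = $v.Trim().ToLower() }
    }
    $pct = if ($tags.ContainsKey('pct')) { [int]$tags['pct'] } else { 100 }
    if ($tags['p'] -notin 'quarantine', 'reject') {
        return "WARN: p=$($tags['p']) does not ask receivers to act on spoofed mail"
    }
    if ($pct -lt 100) { return "WARN: p=$($tags['p']) applies to only $pct% of failing mail" }
    return "OK: p=$($tags['p']) enforced for all failing mail"
}

$domains = [ordered]@{               # constructed weak and corrected pairs
    'weak'      = @{ Spf   = 'v=spf1 include:_spf.example.net +all'
                     Dmarc = 'v=DMARC1; p=none; rua=mailto:dmarc@example.com' }
    'corrected' = @{ Spf   = 'v=spf1 include:_spf.example.net -all'
                     Dmarc = 'v=DMARC1; p=reject; rua=mailto:dmarc@example.com' }
}
foreach ($name in $domains.Keys) {
    "{0,-10} SPF   {1}" -f $name, (Test-SpfRecord $domains[$name].Spf)
    "{0,-10} DMARC {1}" -f $name, (Test-DmarcRecord $domains[$name].Dmarc)
}
```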
If your employees have no choice but to use personal home computers, you can provide controlled access to your systems.
You may already have a next-generation firewall. Is it configured to allow remote access via a Virtual Private Network (VPN)? Set up a VPN for employees, who will connect via a VPN client. Staff can then connect to your network.
When staff connect to the firewall, enforce a policy that checks that all connecting endpoints are compliant for anti-malware software, patch levels, etc.
We recommend you restrict access from personal laptops to a server that provides remote desktops or VDI sessions.
Microsoft Remote Desktop Services (RDS) or virtual desktop technology allows you to install your applications, mapped drives, printers, etc. in a central place or via individual virtual desktops.
You will need to license a new virtual server, each virtual desktop and buy client access licenses for RDS.
- Ensure it's patched to the latest firmware.
- Ensure that the firewalls are configured to monitor all incoming traffic, even trusted sources.
- Ensure your firewall scans encrypted traffic over a VPN.
- Ensure that your firewall or endpoint solution is decrypting SSL traffic – most malware sites will use SSL (HTTPS) to bypass any security.
Utilising Cloud Storage
Having access to files on-the-go means that should you need to work from home suddenly, the risk of disruption in workflow is significantly reduced.
A cloud storage system and a strong Internet connection make accessing and manipulating data relatively simple and pain-free.
Collaborative platforms play a crucial role in helping remote teams function efficiently and meet goals effectively. They will also help to increase productivity and help your team communicate across multiple time zones, if necessary.
Cloud storage can help remote workers (and their employers) establish a more secure platform for files, individual assignments, and shared work projects.
If you are using cloud systems, providing remote access or have laptops being taken out of the building, then you should apply a secondary level of security on top of traditional passwords: two-factor authentication (2FA). There are many free options out there; both Google and Microsoft have 2FA apps which you can download onto a mobile device. LastPass have a browser extension authenticator on their premium plans, and there are various suppliers of authenticator key fob devices for specific use cases, such as securing a laptop.
If you have installed 2FA, then consider relaxing the password policy until things return to normal. If you have many users with passwords expiring on the same day, this could be disruptive.
Most Important - Stay Connected
When working from home, it is always good to keep that team culture alive, especially when we may feel so distant during this bleak time.
Microsoft is making Teams available for everyone! Now you can utilise video calling and easily collaborate on documents for free with Microsoft Teams.
Working from home means a lot more video calls. Teams like to see each other when they collaborate. Using your built-in webcam and basic headphones should work well enough, but if you can, it is worth getting some better-quality equipment to improve online communication.