It is time to fill the gaps in your work from home security
- Created: Tuesday, 01 September 2020
- Written by Ella Coles
At the start of lockdown a customer instructed us to set up an office PC for colleagues to access remotely from home… but in an insecure way. We explained the risks from hackers etc, but they wanted to wing it. Sure enough three weeks later, our monitoring detected hackers trying to hack into the PC, trying thousands of username and passwords.
To mitigate the threat we proposed setting up a private VPN to add an extra layer of security (no, not one of those you use to watch US Netflix, football). We setup their home computers, and showed them how to connect, eliminating the risk.
Lots of organisation cut corners, quite understandably when Covid started. Now is a good time to review home worker security:
- Secure their logons
Implement Multi Factor Authentication (MFA or 2FA). A strong password on it’s own isn’t enough. Multi factor involves an extra security step, such as an SMS or app on a phone, or biometric method such as fingerprint or facial recognition.
- Encrypt their connection
When users connect to your office, deploy an encrypted VPN connection. This ensures the connection between their computer and your servers is secure and the data transferred cannot be intercepted. When using cloud services make sure they use secure HTTPS connections.
- Manage their devices
Deploy Mobile Device Management (MDM). An MDM system will allow you to monitor, manage and secure laptops, smartphones and similar devices. If a device is lost or stolen it can be locked or wiped remotely.
- Protect their devices
Have a firewall that is enabled and configured correctly on the device, and use Antimalware Software that is updated and monitored.
- Secure your business data
Encrypt hard drives and USB drives with a technology such as Bitlocker, arrange for data to be securely backed up, and have your staff aware that they should only save data in secure locations for compliance with relevant legislation such as GDPR and PCI.
Would you like us to review and secure your home working setup? Contact us now