The global COVID-19 crisis means that more people are remote working than ever before. Businesses rushed to enable their employees to work from anywhere very quickly, which may include access to sensitive company data. In the rush to stay operational during the crisis, it can be easy to overlook security in favour of convenience. However, remote working can be done securely, and here are some key pointers to help you.
Secure Windows Remote Desktop
A quick way of enabling remote working is to enable Windows Remote Desktop (RDP) and open port 3389 on the firewall. BAD IDEA! RDP has had a lot of security vulnerabilities associated with it and should not be exposed directly to the internet. Use Remote Desktop Gateway or a VPN to protect the systems you want to provide access to while remote working.
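A check for the point above, as an added example that is not part of the original article: this PowerShell script lists the enabled inbound allow rules on a Windows host that explicitly cover TCP 3389 and shows which remote addresses each rule accepts. It assumes an elevated session with the built-in NetSecurity cmdlets, and that rules whose local port is "Any" are application-scoped and can be skipped.

```powershell
# Added example: audit this host's Windows Firewall for inbound RDP exposure.
# Run from an elevated PowerShell prompt. Read-only; nothing is changed.
$rdpPort = 3389

# True when a port filter entry names the port directly or inside a range.
# Assumption: 'Any' entries are skipped (typically program-scoped rules).
function Test-PortListed {
    param([string[]]$LocalPort, [int]$Port)
    foreach ($entry in $LocalPort) {
        if ($entry -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif ($entry -eq "$Port") {
            return $true
        }
    }
    return $false
}

# Is Remote Desktop switched on at all? 0 = connections allowed, 1 = denied.
$ts = Get-ItemProperty 'HKLM:\System\CurrentControlSet\Control\Terminal Server'
"Remote Desktop enabled: $($ts.fDenyTSConnections -eq 0)"

$findings = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow) {
    $portFilter = Get-NetFirewallPortFilter -AssociatedNetFirewallRule $rule
    if ($portFilter.Protocol -ne 'TCP') { continue }
    if (-not (Test-PortListed -LocalPort $portFilter.LocalPort -Port $rdpPort)) { continue }

    $addrFilter = Get-NetFirewallAddressFilter -AssociatedNetFirewallRule $rule
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        RemoteAddress = ($addrFilter.RemoteAddress -join ', ')
        # 'Any' means the rule accepts RDP from every source address.
        OpenToAny     = ($addrFilter.RemoteAddress -contains 'Any')
    }
}

$findings | Sort-Object OpenToAny -Descending | Format-Table -AutoSize
```

Rules reported with OpenToAny set to True are candidates for restricting to the Remote Desktop Gateway or VPN address range. This covers the host firewall only, so the port-forwarding rules on the internet-facing firewall or router still need to be checked separately.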
Deploy a VPN
A VPN enables employees to make a secure connection into your internal network from anywhere.
The connection is encrypted between the remote computer and the network, so it can safely be used without fear of snooping. To the employee, it can appear as if they were connected directly to the internal business network. You should consider adding multi-factor authentication to ensure that if a user's password is compromised, the connection is still protected.
Enable Multi-Factor Authentication
Multi-Factor Authentication (MFA, but also known as 2FA) adds an additional ‘factor’ to the login, in addition to the password. This ‘factor’ is usually something that you have, like a mobile phone, email address, or security token, that provides an extra code needed to log in. You may be familiar with using this, as it has become very popular recently, being used by banks, the UK Government website and many more. You should consider adding MFA to any critical system exposed to the internet. This includes, but is not limited to, VPN, email, CRM, accounting system and any other cloud-based system used to run your business.
Update Your Systems
Keeping endpoint software up to date is key to ensuring that endpoints are protected from known vulnerabilities and malware. Having a strategy and systems in place to check and enforce anti-virus, Windows and other software updates means you know that your users’ endpoints are up to date and protected as much as possible.
Educate Your Users
Threats from phishing and other scams are at an all-time high, with hackers trying to take advantage of people's fears about the coronavirus. Employees need to be educated now more than ever. Protection for the human layer comes down to training and education. Following the training, you need to keep users on their toes, and there are services available that can automate this.
Have Remote Working Policies In Place
Clearly articulate to your remote workers what behaviour is expected, and what is not. If a user does something that puts your business at risk, you can’t reprimand them if you didn’t communicate policy. You may also be able to enforce some of this policy (updates, web browsing, etc.) using technology, but even if you can’t enforce it, you should explain what is, and what is not, allowed.
We can help
If you need any assistance with remote working more securely, or remote working full stop, please contact us on 01299 382 321 or get in touch through the website.