More predominant than ever, remote working due to COVID-19 presents security challenges for all businesses which cannot be ignored.
With the incursion of COVID-19 into our lives and work, many businesses continue to be faced with assessing and prioritizing employee safety while maintaining business operations. And even though some businesses are opening back up, even if just partially, the fact is many people will continue to work remotely for some time.
Because working remotely has increased exponentially, companies have had to prepare in multiple ways to avoid cybersecurity risks and/or interruptions to their businesses. Things that are often taken for granted in the workplace, such as email, messaging, office chats, and video conferencing must be understood in the context that security controls shift with remote access.
Such things as firewalls, DNS, and IDS/IPS could be ineffective when employees head home. Most environments that support VPNs must be able to protect the remote user, ensuring enough bandwidth of users and remote desktop sessions.
Managed service providers (MSPs) recommend the following best practices and advice for how businesses can remain secure through remote work scenarios.
- Use a Secure WiFi Network: If possible, you should work on your secure, private home network instead of relying on public WiFi. If you send your data through an unsecured WiFi connection, you lose the power of privacy making it possible for cybercriminals to intercept your data. You may be putting personal information at risk if you are accessing your email account or sending sensitive data over a public WiFi network. It’s essential to ensure your network is secure through the use of a VPN and a strong password that isn’t easily cracked.
- Secure Your Home Workstation: Ensure you have fully patched and updated anti-virus and anti-malware software. It’s important to follow the same best practices you would as if you were in the office, and report any suspicious activity or concerns to your internal IT or your MSP.
- Coordinate with Your Internal IT or MSP: When working remotely, it’s crucial to continue your typical cybersecurity best practices and reach out with any questions or concerns.
When implementing alternate workplace scenarios such as working remotely from home, CISA (Cybersecurity and Infrastructure Security Agency) recommends the following:
- Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
- Alert employees to an expected increase in phishing attempts.
- Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery. Per the National Institute of Standards and Technology (NIST) Special Publication 800-46 v.2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, these tasks should be documented in the configuration management policy.
- Implement MFA on all VPN connections to increase security. If MFA is not implemented, require teleworkers to use strong passwords.
- Ensure IT security personnel test VPN limitations to prepare for mass usage and, if possible, implement modifications— such as rate limiting—to prioritize users that will require higher bandwidths.
- Contact CISA to report incidents, phishing, malware, and other cybersecurity concerns.
When chat features are provided by Google, messages are sent and received through Google’s RCS (Rich Communication Services) back-end over the internet using data and Wi-Fi. With RCS, messages can be delivered to (or received from) users on other RCS service providers. If chat features are provided by Google, your messages go through Google’s RCS back-end, and are then routed to your recipient’s RCS back-end (if your recipient isn’t using Google RCS). Delivery of SMS and MMS messages, which are always sent through your carrier, won’t change. For more info go here.
Videoconferencing service Zoom recently launched a round of security upgrades after coming under scrutiny during the pandemic. The incremental improvements are part of a 90-day plan the company announced to overhaul its practices. One change is that Zoom will now offer AES 256 encryption on all meetings, meaning data will be encrypted with a 256-bit key. Zoom previously used AES 128, a reasonable option, but a controversial one because it claimed in documentation and marketing materials that it used AES 256 all along. Find more details here.
VAZATA Cybersecurity Monitoring uses a combination of best-in-class technology, cutting-edge analytics, and artificial intelligence to monitor and protect organizations. The comprehensive platform is easy for businesses to implement without sacrifice to security. A cloud-native, streaming data analytics platform, VAZATA Cybersecurity Monitoring includes a fully managed SIEM and a team of experts to decipher and remediate alerts, whether your systems are on-premises, in the cloud, or both. Contact us for more details.