Refine Your Search

Webinar: Increasing Cybersecurity for Remote Work

The volume of cyberattacks on small and mid-sized businesses has increased drastically as organizations and employees navigate the unfamiliar territory of remote work. For IT leaders, ramping up cybersecurity for the current borderless IT environment moves to the top of the to-do list. Supporting a secure environment today requires two components: the right technology solutions plus employee support in the form of communication and training.

RAMPING UP CYBERSECURITY SOLUTIONS FOR REMOTE WORK

Businesses should focus on adapting to a new remote environment without the borders of your corporate firewall and typical office environment. For organizations unsure of where to begin, the following recommendations cover improving IT, visibility and insight, and response automation listed below including:

  • Remote Access
  • Identity Management
  • Endpoint Control
  • Data Management
  • Awareness Training
  • Processes

Further, organizations can leverage NIST SP 800-46, which provides a framework for enterprise teleworking and remote access.

From an enterprise security perspective, we recommend focusing on the following key areas of enterprise security to ramp up your cybersecurity for today’s needs:

Remote Access

Remote access solutions can be leveraged to ensure that systems attempting to remotely connect to the IT environment meet a minimum set of security standards such as anti-malware protection, patch levels, etc. prior to granting them access to corporate resources. IT teams should continually identify and remediate access policy violations. Finally, avoid exposure of Remote Desktop Protocol (RDP) to the public internet and use secure VPN connections with multi-factor authentication schemes, such as Microsoft Multi-factor Authentication and ADSync.

Identity Management

Protect critical and public-facing applications and resources with multi-factor authentication. Trust models should be implemented and verified that end users can only access resources they need to do their jobs. IT leaders should verify that remote account and access termination capabilities work as intended in a remote environment and are handled timely.

Endpoint Control

With increased access to home networks, endpoint visibility, protection, and mitigation using a solution like Microsoft Intune for Endpoints, is more important than ever. Consider whether remediation and reimaging capabilities will work as intended in a remote environment. Encrypt devices and drives where possible and add this check to your remote access solution as a gate for connectivity. Further, application and web filtering solutions should be configured in such a way as to block known malicious activity and websites.

Data Management

Data classification and Data Loss Prevention strategies are more important than ever. Organizations must ensure their remote workforce is enabled to share data securely and within policy – and has full knowledge of your policy. With employees sharing and collaborating via Microsoft Teams, OneDrive, and Email more than ever right now, monitoring critical data moving outside of policy requirements has never been harder to manage. Making sure that your backup strategy considers how to backup off-premise data and remote storage is critical in business continuity planning with a remote workforce.

Awareness Training

Educate employees regarding spam, phishing, SMSishing, social engineering, and internal security engagement processes. Employees should also be educated on how to identify, report, and avoid malicious emails and links and what process to follow in the event of an incident. A comprehensive user security awareness program, such as KnowB4, will inform employees of the proper use of corporate resources, even when working from remote locations. Without training in these areas, the risk to the environment is even greater than before.

Processes

Finally, review response plans to identify any single-person or equipment points of failure and plan for what happens if that person or service is no longer available. IT teams should identify operational functions that currently require physical presence (financial processes, endpoint re-imaging, etc.) and implement remote-capable processes and procedures to securely allow for the current environment.

EMPLOYEE COMMUNICATION, TRAINING, AND SECURE PRACTICES

Communicating the need for diligence is a strong start for employees. As shared above, employees should be educated on how to identify, report, and avoid malicious emails and links as well as know what process to follow in the event of an incident. For employee education, share as much detail as possible, even visuals of the fraudulent emails if available.

Employees should know to continue to be wary of unsolicited emails they receive that contain attachments or embedded links. There is a continued practice of targeting users using the current news headlines to get users to click malicious links and download viruses via email. Phishing campaigns are significantly increasing their use of COVID themes, and this activity is likely to continue until the news cycle changes. Targeted and mature security organizations can track relevant threat actors leveraging the COVID pandemic with various news and reporting services. Continue to communicate to employees as known risks are identified. It’s helpful for them to know if there are specific attacks going around.

The same precautions employees would otherwise normally take while in the office should be taken while remote. Ensure that employees understand these are still recommended, even in their own homes.

  • The screen should be locked when away from the computer;
  • only trusted and secure WiFi access points such as home WiFi or hotspot are to be used;
  • corporate devices shouldn’t be used for personal activity; and
  • sensible data hygiene should be practiced, keeping corporate data on corporate-protected assets.

Finally, I’ll reinforce the recommendation to implement employee security training if it’s not already in place. Experiential training will help employees learn to identify and avoid malicious emails, as well as provide your IT team with an understanding of which employees require more support and then provide additional training.

SUMMARY

The current work environment has tasked IT leaders with supporting your organizations in new and intensified ways, beginning with the transition to remote work. Ensuring that your organization’s data and technology are secure for today with the right technology and increased employee support and communication is the next vital task for your IT team.

If you have questions or are looking for help with a specific security solution, our experienced KSMC team is here to support you. Contact us to discuss your cybersecurity questions.