Preparing for the Unknown Has Become a Reality

Working Remotely

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Preparing for the Unknown Has Become a Reality

Many established companies were used to going into their brick and mortar offices, and then were forced to go remote. How prepared were you for this change?

We have come across a couple of scenarios to which you might be able to relate. If that’s the case, take the next steps to make sure your remote employees and company’s data remain secure.

Scenario 1: Primarily in the office, with limited work from home capabilities

  • Not prepared at all, or very minimally, for temporary remote work.
  • Business policy limited work from home.
  • Majority of employees had desktops, which meant laptops and home workstations had to be purchased.
  • Set up each one with USB wireless and train them.

Did you set up each laptop with access to a secure wireless connection?

If no, here’s what to do:

  • Ensure wireless connections are either certificate-based self-signed or with two-factor authentication.
  • If scale is an issue, limit access only to resources immediately critical to job role.

Did your company discuss multi-factor authentication?

If no, here’s what to do:

  • Define the high-risk group as executive and critical knowledge workers.
  • Establish multi-factor at least for high risk group.
  • Find a solution that is easy to implement and maintain.

Document everything you do carefully. Take the extra time as it will pay off if you have to troubleshoot and later will prepare you for proper architectural planning when the urgent need subsides.

Use this time now to:

  • Establish secure remote access that can scale to meet the current and on-going needs.
  • Evaluate and document risks associated with the rapid deployment of remote access.

 

Scenario 2: Company had an in the office and remote work option from the beginning

  • Seamless transition to working remotely.
  • Gave a timeframe expectation timeframe for remote work.
  • Helpdesk is now open, which means remote access support is likely extra work, plan for the long run.

Did you train all employees to securely access the company network remotely? (OR, did you send out updated remote working guidelines to reinforce protocol?)

If no, here’s what to do:

  • Write up specific instructions with pictures.
  • Make sure to expect the mistakes that will be made and show them how to fix them.
  • Never underestimate the simple errors.

Did you update firewall protocol due to the increase in remote activity?

If no, here’s what to do:

  • Get help! This is the most forgotten part. Have a second set of eyes review.
  • Ensure you have some level of regular logging and review to validate you are not under attack.
  • This scenario could last months, so make sure to update signatures and patching.

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »