Working Securely From Home

by | Disaster Recovery, Managed Service, Security, Services

As COVID-19 continues to spread, many businesses are assessing how they can prioritize employee safety and still maintain regular business operations.  One solution many businesses are turning to is recommending employees to work from home to avoid potential illnesses. To help ease the burden on businesses, Microsoft, Google, LogMeIn, Cisco Webex, and Zoom are providing free remote working tools. They aren’t great tools and have their limitations, but will work in a pinch.  A few have short term options like Zoom with their $15/mo and no contract.

With the huge increase in remote work, companies will have to adjust in various ways to avoid cyber security risks or interruptions to business. Remote workers have different security controls and needs.  Normal business security controls may be ineffective when employees head home, especially if they are using their personal equipment.  Here are the all the things we normally recommend, and in this case are fully supported by the Cyber security and Infrastructure Security Agency (CISA) and the CDC.

CISA’s Guidance
CISA released an alert to encourage organizations to adopt a heightened state of cyber security. According to the CISA, remote work options require a VPN solution to connect employees to an organization’s network.  CISA encourages organizations to review the following recommendations when considering alternate workplace options:

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
  • Alert employees to an expected increase in phishing attempts.
  • Ensure IT Policies get put into place or followed for: Telework, Remote Access, and Bring Your Own Device (BYOD).
  • Implement Multi Factor Authentication
  • Alert employees to contact IT to report incidents, phishing, malware, and other cyber security concerns.

The CDC has released some best practices for a disease outbreak plan where telework is concerned:

  • Review human resources policies to make sure that policies and practices are consistent with public health recommendations and are consistent with existing state and federal workplace laws.
  • Explore whether you can establish policies and practices, such as flexible work sites (e.g., telecommuting) and flexible work hours (e.g., staggered shifts), to increase the physical distance among employees and between employees and others if state and local health authorities recommend the use of social distancing strategies.
  • For employees who are able to telework, supervisors should encourage employees to telework instead of coming into the workplace until symptoms are completely resolved.
  • Check with your IT provider to ensure that you have the technology and infrastructure needed to support multiple employees who may be able to work from home.

 

In addition, we here at 3rd Element are recommending the following best practices and advice for how businesses can remain secure through potential remote work scenarios.

  • Use a Secure WiFi Network.  Keep a strong password on your home WiFi.  DO NOT use public WiFi. If you send your data through an unsecured WiFi connection, you lose the power of privacy making it possible for cyber criminals to intercept your data. You ARE putting personal information at risk if you are accessing your email account or sending sensitive data over a public WiFi network.
  • It’s essential to ensure your network is secure through the use of a VPN (or the icon we have provided to you),  a strong password that isn’t easily cracked, and multi factor authentication.
  • Secure Your Home Workstation: Ensure you have fully patched and updated anti-virus and anti-malware software.  It’s important to follow the same best practices you would as if you were in the office, and report any suspicious activity or concerns to 3rd Element.  When something happens, we care about getting it corrected and secured first and foremost.
  • Do not wait until the last day or hours before you need something to first start reporting it, especially during a crisis.  Plan ahead.

As we move into the new normal, don’t hesitate to call, send an email or even just come hang out with us Wednesday’s for virtual happy hour.  We’re in this together.

 

0 Comments