By: Craig Pollack, Founder & CEO, FPA Technology Services, Inc. (www.fpainc.com)
These days, working from home has become the de facto standard for most knowledge workers. Now that employees have seen how well it works, we’re knee-deep in a HUGE culture shift. As they say, Work From Home is here to stay. Now what? Well, now more than ever this means that you need to ensure that your employees and their home systems are as safe and secure as when they were inside your office. Here are our best practices for making sure your staff’s WFH setup is as cybersecure as possible…
Every security professional would agree that if you’re working from home, you need to have a “real” firewall in place. This means a business-class one.
Similar to the firewall concept, every machine on the home network should have business-grade anti-virus protection. Windows Defender is not ok.
VPN (Virtual Private Network)
This one goes without saying (although I’ll say it anyway). Do not allow your staff to connect to your network without a VPN (Virtual Private Network). It’s not ok to open ports on your firewall. All connections into your network must be secure!
All machines that are used for any sort of business function should be patched on a consistent basis. The easiest way to ensure this is happening is to add the machine to your Windows domain and have your IT department monitor and manage it.
TREAT IT LIKE AN OFFICE COMPUTER
Add the home computer to your office’s Windows domain. This will seriously up the security level of the machine. This way, you can control and manage it no differently than if it were in your office.
DUAL FACTOR AUTHENTICATION (2FA)
Similar to a workstation in your office, implementing 2FA will further ensure only authorized users are accessing the machine, your network, and any related resources. This is a must in the office, so it should be a must for Work From Home machines too.
WIRELESS ACCESS POINTS (WAPs)
Lock down all wireless access points. Ensure encryption is turned on, the guest network is turned off, and the administrator password has been changed.
This is the latest wrinkle adding to the complexity of securing the Work From Home environment. IOT (or Internet of Things) refers to all the devices that are now connectable to the internet. Things like the Ring doorbell, the Nest thermostat, Apple TV, Alexa, and even the latest refrigerators (not to mention WiFi capable printers) – are all devices that connect to the Internet in some way and are now additional failure points that hackers can take advantage of.
Most file sharing applications (Dropbox, Box, Anchor Sync, even OneDrive) are really file syncing programs. This means if you install the program on a computer, it stores a copy of the file(s) on that computer. That is a HUGE security risk if the computer isn’t secured appropriately. We recommend NOT installing any file sharing or syncing programs locally unless the hard drive is encrypted or the machine is being managed by your IT department.
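One way to check the encryption condition above on a Windows home PC, as an added example that is not part of the original article: the script finds local sync folders and reports whether the drive holding them is BitLocker-protected. The folder locations are assumptions based on each client's usual defaults, and the script assumes the BitLocker PowerShell module is present and the session is elevated.

```powershell
# Added example (not from the original article). Run in an elevated PowerShell
# session on the home PC: Get-BitLockerVolume requires administrator rights.

# Candidate local sync folders. These paths are assumptions based on each
# client's usual defaults; adjust them for your environment.
$candidates = [ordered]@{
    'OneDrive' = $env:OneDrive
    'Dropbox'  = Join-Path $env:USERPROFILE 'Dropbox'
    'Box'      = Join-Path $env:USERPROFILE 'Box'
}

$report = foreach ($name in $candidates.Keys) {
    $path = $candidates[$name]
    # Skip clients that are not installed or have no local folder.
    if ([string]::IsNullOrEmpty($path) -or -not (Test-Path -LiteralPath $path)) { continue }

    # Drive that holds the synced copies, e.g. "C:".
    $drive = Split-Path -Path (Resolve-Path -LiteralPath $path).Path -Qualifier
    $vol   = Get-BitLockerVolume -MountPoint $drive -ErrorAction SilentlyContinue

    # Compliant only if protection is on AND encryption has finished.
    $encrypted = $null -ne $vol -and
                 $vol.ProtectionStatus -eq 'On' -and
                 $vol.VolumeStatus -eq 'FullyEncrypted'

    [pscustomobject]@{
        Client     = $name
        Folder     = $path
        Drive      = $drive
        Protection = if ($vol) { $vol.ProtectionStatus } else { 'Unknown' }
        Volume     = if ($vol) { $vol.VolumeStatus } else { 'Unknown' }
        Compliant  = $encrypted
    }
}

if (-not $report) {
    Write-Output 'No local sync folders found.'
} else {
    $report | Format-Table -AutoSize
    if ($report.Compliant -contains $false) {
        Write-Warning 'Synced files are stored on a drive that is not fully encrypted.'
    }
}
```

A drive reported as `Unknown` means BitLocker status could not be read for it, so treat that result the same as unencrypted until your IT department confirms otherwise.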
Every Work From Home user should know and understand the cybersecurity risk they’re now presented with – especially phishing. Everyone needs to understand how to connect remotely and what secure means. And what it means to the company if they’re not an active participant in the company’s cybersecurity footprint.
This is no longer a luxury that you’ll deal with when you get around to it. Having the appropriate Telecommuting and Work From Home Computer Use Policy in place is a must for every company with a remote work force. If you don’t have one, check out our template here.
DEVICE ADMINISTRATION AND PASSWORDS
One of THE most important items to address is to change the default Administrator password on every device that’s on the home network! Remember, IOT devices are all gateways for hackers to get into the home network then get into yours. Consider that the default Administrator password that comes preset on every device is available and known to any half-way decent hacker. If they find any of these devices on the home network, they’re in. So, at the very least – ensure these are changed ASAP!
With the Work From Home paradigm here to stay, now more than ever it’s critical to protect your business by making sure all of your remote staff are as cybersecure as possible. You can find more details here: www.fpainc.com/work-from-home-resources