Are my remote workers protected from cyber security threats?
Today we are going to delve into a topic that’s on everybody’s mind. Maybe you’re afraid to ask, because you won’t like the answer. Or perhaps you feel like you’re protected so why tip over the apple cart?
Since we sometimes like stirring up the hornet’s nest, we are going to examine how secure your remote workers really are. Are your employees protected from the latest cyber security threats? Do you have to worry about ransomware or viruses? Should you be using a VPN? These are some of the questions we will dig deeper into.
As we go along it is recommended that you run through a self-assessment. You can then assign yourself a score, and at the end you will knows how secure your remote employees really are.
What should I be worried about?
We won’t hide the fact that we are addressing a serious topic that deserves to be dealt with head on. However, we don’t want to be alarmist and give the impression that it is all doom and gloom. The current situation should be enough to cause awareness. Hopefully, company’s take the threats seriously, and allocate the necessary time and resources.
These issues are not going to fix themselves. The biggest issue facing you right now, is waiting. Each moment you wait to act brings you one step closer to an eventual attack or breach.
This may sound like a bold statement but let’s analyze it.
Every week new updates are patches are released. Every week new threats or exploits emerge.
Updates fail to get applied. Anti-virus software goes out of date, but the malicious threats remain current. New methods and techniques are deployed.
Keep in mind that the hackers never relent. They don’t become complacent. They know that unless they continue to evolve, they will be defeated.
Compare the attitude of the hackers to your own internal security culture.
Let’s take a moment to self-assess:
- Do you run updates or patches every day? Every week? Every month? Never?
- Do you make sure your anti-virus software isn’t out of date?
- Is the firmware on your firewall up to date?
- When is the last time you had everyone change their password?
- Do you use the same password for email and logging into your computer?
If you were not able to answer yes to all these questions, then you have work to do. These questions cover the very basic, or bottom level of cyber security. They represent the bare minimum to have even a fighting chance at avoiding a breach.
The good news is that these items are relatively simple to address. This goes back to our first point, don’t wait to address them. Get a plan into action this week to get these 5 items taken care of. Once you have a solid foundation you can go further.
What about my remote workers?
Apply these same 5 questions to your remote workers.
- Are there home PC’s up to date?
- Is their anti-virus up to date?
- Is the firmware on their home router up to date?
- When is the last time they changed any of their passwords?
- Do they reuse passwords?
Add to these 5 a sixth question:
6. Are you remote workers sharing a computer with their family?
But are my remote workers safe?
The quick answer is it depends. We will continue digging deeper and highlight areas where you may be at risk.
We posed the question are your workers using a shared computer. If they are, this may pose a security risk. My children are not as security conscious as I am. If you are using a shared computer, I hope at the very least you are using a separate account.
A separate account won’t completely prevent unauthorized access to company data, but it is better than using the same account your kid uses to play Roblox or Discord.
Are your employees required to use a VPN in order to connect to the work environment remotely? Hopefully, the answer to this question is a resounding yes. It would be acceptable to use a client and connect directly into a Virtual Desktop.
One thing that should be avoided at all costs is direct Remote Desktop access. First, exposing Windows Remote Desktop directly is bad. It is like having telnet wide open. Just don’t.
The other reason this is a bad idea, is most of the traffic is unencrypted. It is possible that data could be revealed simply by someone connecting to your employee’s home wifi network, and then sniffing the traffic.
Using a VPN, preferably SSLVPN encrypts the data. Since the data is encrypted it is more difficult for it to be viewed. Using an SSLVPN also allows your company to record when a user’s account is used to connect to the VPN and where they are connecting from.
In the event your employee’s VPN credentials are compromised or stolen, you would be able to pinpoint where that connection is coming from. You also have the additional information associated with connecting and disconnecting so you can be sure your employees are working when they are supposed to be.
Anti-Virus software is good, but Managed Detection and Response is better. Hopefully, you provided an anti-virus license to all your remote workers. If you didn’t, it is time to get them a license. Don’t use a trial and avoid using a free product. Dig into the budget and find some resources to purchase additional licenses.
If that isn’t possible, then it may be wise to rethink your entire approach to end point protection.
Managed End Point Detection and Response is next generation protection. MDR will protect not only your corporate computers and servers, but your employee’s home computer as well. MDR will protect against the following threats:
- Lateral Movement
- Island Hopping
- Unknown Threats
MDR utilizes a live Security Operations Center SOC, for real time reaction to threats. The SOC will perform actions such as network isolation, which prevents an infected end point from compromising the rest of the network. The SOC will also provide remediation services to help recover from a ransomware or other security breach.
MDR is a huge leap above and beyond traditional anti-virus software. The 24×7 monitoring and the intelligent software is the perfect answer to the work from home employee.
We covered logging briefly when we reviewed VPN access. Logging is often overlooked by more organizations, but it is an effective tool. The more you can see, and the more historic data you have access to, the better protection you will have.
Logging allows your team to see events occurring as they happen, as well as analyze what has already taken place. The forensic information is necessary when analyzing a successful breach should one occur.
This is another benefit of MDR, as a good MDR solution can provide forensic information and allow you to see the anatomy of a successful breach.
Logging may not provide the same level of detail, since it won’t pick up everything that happens on the endpoints. Logging will, however, reveal if accounts tried to escalate privileges, what traffic accessed specific ports, and where the traffic came from.
No Cost Cyber Threat Assessment
Hopefully you were keeping score and were grading your success this entire time. If not, you can take advantage of a no cost cyber threat assessment.
Our unbiased report will show you if any vulnerabilities exist and provide concrete ways to address them.
Call 216-619-2000 and choose opt3 to sign up.
You can also visit https://n2net.com/offer/free-cyber-security-scan-cleveland/ and sign up online. Either way don’t miss this opportunity.