Masks won’t stop malware
The world is currently shaken by covid-19, the respiratory disease caused by a coronavirus. Different countries have established different rules regarding public gatherings, but self-isolation – that is, staying at home and avoiding contact with others – seems to be a common thread in the advice of most health authorities.
For many people, working from home is now a real possibility. Broadband Internet access at Ethernet speeds is no longer a science fiction dream, and many jobs are keyboard-and-screen based.
However, as John Douglas, Technical Director of First Response points out, “there are a number of obvious risks involved when employees are allowed to access the corporate network from outside. While attempting to avoid the covid-19 virus, an enterprise may find itself exposed to computer viruses and other malware”.
In the case of sales representatives and others who regularly work outside the office, an enterprise or organisation will often supply laptop computers with a standard build of operating system and applications, and a security policy enforced; for example, users are not allowed to install applications.
Of course, if the number of homeworkers increases dramatically as the result of isolation policies, there will not be enough laptop computers for everyone. A BYOD (Bring Your Own Device) policy will have to be enforced, but this should be different from an in-office BYOD policy, where the aim is to keep unauthorised devices out of the enterprise network. In the case of self-isolation, these unauthorised devices need to be connected to the network. This brings a new set of problems to be solved.
Making sure only the right people get in
One of the first jobs to tackle is identification. Anyone who logs into the network must be a trusted user – and multi-factor authentication (MFA) whereby ‘what you know’ (username and password) is combined with ‘what you have’ (a hardware token or authentication app on a phone) is one way around this.
Both Microsoft and Google, among others, offer their own solutions along these lines, and any user with a smartphone can download the appropriate app, sync it to the authentication server, and then use the challenge/response system that makes up MFA.
Keeping the malware out of your network
Next, it is important to ensure that machines connected to the network are (a) not infected by malware, (b) are not capable of being infected – at least easily, and (c) that the gateway to the internal network that will be used by these users is properly protected.
Ideally, there should be up-to-date anti-virus software installed on every machine used by remote users. It may be too much to insist that all remote users have the same anti-virus software installed, but in the case of users who are roaming the Internet unprotected, the organisation should make protection available at no charge to the user. It is, after all, much cheaper than cleaning up the mess after malware has attacked the network, having been introduced by an infected remote user.
In addition, there should be a minimum standard below which no machine is allowed to access the network, with obsolete operating systems or browsers being the criteria. Older versions of Windows, no longer supported by Microsoft, and their associated browsers, are particular candidates for blocking. There should be a no-exceptions policy stipulating what remote machines are permissible, enforced as strictly as possible.
Lastly on this front, your network should be guarded by anti-malware devices and implementations – just in case anything gets through.
What happens in the network, stays in the network
And thirdly, it is necessary to prevent eavesdroppers from reading the confidential information sent between your employees and your network. If you do not already have a VPN (Virtual Private Network) installed, which secures the traffic between the remote users and your network, now is the time to install it. When a coffee-shop WiFi connection can be cracked in minutes by even a moderately skilled hacker, and most home wireless networks are little more secure, a VPN is not a luxury, but a necessity.
Another useful solution here, once a company sets up a VPN server for users to connect to, they can simply ‘remote’ to their normal desktop computer and work as if they are in the office. This uses the Remote Desktop Protocol, or RDP and is a much more secure way of working. It also avoids the situation where employees are downloading sensitive company data to home machines to work on. This has many implications, especially under GDPR.
And beware of those trying to take advantage of the situation
We are in the middle of an emergency – whether the government has declared one or not – and in an emergency we tend not to think very clearly. Scammers can and do take advantage of our confused state. Do you know what aid is available from the government bodies for your enterprise? The odds are that you don’t know all the details – and this is what the scammers are counting on.
If they ask you over the phone for your corporate bank details so that they can transfer the sick pay compensation into the account – beware! Double-check. Return the call to the number on the government Web site – not the number that called you. And if they send you a link to a Web site, check and double-check that address. Stay safe.
If you are unsure about how to implement any of these measures, our trained associates and security specialists at First Response can advise you on any or all aspects of protecting your organisation against the threats and risks that come with working from home. And when the pandemic goes away, you’ll be safe in the knowledge that your network is future-proofed.