Securing Devices at Home and Work: How to Create a More Secure Remote Work Environment

During week #2 of National Cyber Security Awareness Month, learn how to secure remote work with cyber security actions such as: 

• Deploying endpoint detection and response (EDR) solution
• Using email security to protect inboxes
• Installing firewalls
• Scheduling a vulnerability assessment 

Secure your remote workers

It’s officially week two of the 2020 National Cyber Security Awareness Month! 

Last week, we covered the top 4 cyber security practices to enhance your security posture.

Check out the week #1 NCSAM article for complete insight into:

• Creating strong and unique passwords
• Improving login security 
• Updating software and hardware
• Best data backup practices

This week’s focus of NCSAM will be showcasing the various ways you can directly protect your connected devices from cyber attacks. In response to new changes in the workplace, this article will outline the top cyber security actions you need to secure your internet connected devices at home and work. 

A changing work landscape

As the COVID-19 pandemic continues to shake up our everyday norms, businesses of all sizes are trying to adapt and discover new ways for their workers to do their roles remotely. Some reports forecast that 42% of businesses will embrace remote work to keep their workers safe from the virus.

Although there is no certain way to know exactly what the future will hold, we can still set forth better cyber security habits and implement stronger security policies that will benefit your company whether remote or not. This guide will help your business improve its cyber security foundation overall while raising awareness on this important issue.

More remote workers… more cyber attacks?

Working remotely can be a nightmare for those responsible in IT or cyber security for a business. Traditionally, the IT department is able to oversee network security and have better control over cyber security because employees were in a physical location (office space) with company issued workstations, connected to a secure network. They know their employees are protected through a list of firewalls, network monitors, endpoint solutions, and other security solutions. 

With employees who work remotely, all bets are off for establishing cyber security standards, as each person could have a different work-from-home setup. 

For example, employees who work from home may have: 

• Consumer grade hardware / software which may not fulfill all requirements of the organization
• Misconfigured software/devices such as routers, and security settings
• Varying operating systems, some out of date
• No physical security controls to watch for theft of devices/data
• Unsecured public network connections

How to keep remote work secured

Many organizations have tried to remove the security concerns by issuing a company computer. Although this is a step in the right direction, cyber security gaps still exist. 

Ensure your employees are protected from cyber attacks while they are working remotely, and make time to secure remote work via the cyber security policies and procedures for your company. 

Take the time, especially during the National Cyber Security Awareness Month, to implement these products and services that can keep your business data safe during work from home conditions. 

Here are the actions you can take to improve the remote work environment cyber security:

Deploy endpoint detection and response (EDR) solution

While employees work remotely away from the office network, it will be difficult to monitor any possible threats that are on their individual computers. An endpoint detection and response (EDR) solution can help businesses better keep track of malware threats on their individual computers and endpoints. 

Fortunately, many organizations are taking action to secure their endpoints with endpoint security, even if their employees are working remotely from a distant network. 53% of businesses cite endpoint security as their number one issue, which has gained extra attention during the pandemic. 

Endpoint security allows the IT team to have greater visibility of any threats detected on a remote system.

Use email security to protect inboxes

Organizations must protect their employee inboxes to make sure they are kept safe from incoming malicious email attacks. 

Take the time to assess the email security for your company and determine whether there are proper security controls in place to protect against phishing. Email security is a relatively inexpensive cyber security cost for an organization that can greatly reduce their chances of ransomware or malware on an employee’s endpoint. 

When considering an email security solution, be sure it comes equipped with link and attachment sandboxing. Malicious links and attachments are the most common ways email threats are spread and this adds a crucial layer of security.

Users of popular enterprise email services, such as Google’s Gmail, can feel a sigh of relief that their inboxes have an extra layer of security. Google showcases how they are protecting businesses against cyber threats during COVID-19, and they reported blocking up to 18 million daily malware and phishing emails trying to leverage fear from the coronavirus pandemic. 

Earlier this spring, the Federal Bureau of Investigation (FBI) issued a press release anticipating a rise in business email compromise schemes related to COVID-19. 

The Centers for Disease Control and Prevention (CDC) warns businesses and consumers of COVID-19 related phone scams and phishing attacks which everyone in the company must be aware of. 

Fortunately, many organizations are taking action to secure their endpoints with endpoint security, even if their employees are working remotely from a distant network. 53% of businesses cite endpoint security as their number one issue, which has gained extra attention during the pandemic. 

Endpoint security allows the IT team to have greater visibility of any threats detected on a remote system.

Install firewalls

Businesses can add another layer of protection for their workforce by ensuring all network traffic happens through a firewall. A firewall helps keep cyber attacks out of a business network by following a set of predetermined rules configured by the system administrator. 

In a typical office setting, a business may have these firewalls set up as physical components that would keep a watchful eye between internal and external network activity. These on-premises firewalls are key if there is a centralized place of work, generally this being an office space.

During the COVID-19 pandemic, IT staff don’t have the luxury of having employees all on a local firewall, as employees work remotely from their homes. Businesses can look to install a virtual firewall which can act similarly, except it is hosted on a cloud service provider. 

Businesses looking to use a virtual firewall must also take into account: 

• Installation process
• Virtual Private Network (VPN) logins for employees
• Multi-factor authentication

For remote workers, cyber security experts agree that cloud-based firewalls are key to protecting employees and their network activity. This is a flexible option for remote network security while also allowing for scalability as the business grows or other work scenarios become reality. 

Schedule a vulnerability assessments for remote work

For those businesses looking for an advantage to defend against cyber attacks, they should consider a vulnerability assessment. A vulnerability assessment can give a more complete picture of where your organization is susceptible to attacks, and security experts can give recommendations to patch these exposures. 

An external network scan can shed light on vulnerabilities present in a given network environment and help remove the risks where your business is exposed from the outside. Network scans target specific IP addresses and detect open ports and other potential loopholes an attacker can exploit. 

Open remote desktop protocol (RDP) ports are one of the common ransomware attacks in which cyber criminals target publicly-facing ports and break weak usernames and passwords. They are then able to grant themselves unauthorized access. Closing the open RDP ports on your network can reduce this threat, and an external network scan with a firewall review can ensure the settings are configured properly.

Shifting priorities to cyber security

The COVID-19 crisis is shifting cyber security priorities and budgets, with more decision makers understanding the importance of a tested cyber security framework. There is no silver bullet for cyber security and preventing ransomware attacks. As a company who has helped thousands of victims of these attacks, we always suggest layered security protocols for the maximum amount of protection.

Take action

The most important thing you can do during this unprecedented time is take action now to #ByCyberSmart. Securing your connected devices doesn’t have to be an overwhelming task, and the sooner you get started, the better your data security will be. 

All of the cyber security products and services listed above are detailed further in our cyber security costs guide to help  you understand how to budget for your specific organizational needs. This National Cyber Security Awareness Month, we encourage all businesses and consumers to reevaluate their cyber security and take these cyber threats seriously. 

Our next article in this National Cyber Security Awareness Month series features the top 3 cyber security practices to prevent cyber attacks in healthcare. 

Is your remote workforce secure?

Learn more about our cyber security services or book a consultation with our security experts today!

Request a cyber security consultation