As a follow-up to our Remote Workforce Security webinar, we offer the following consolidated notes. In case you missed it, you can view the webinar at your convenience.
Adapting to changing times
Businesses are rapidly shifting to work from home strategies in response to the current COVID-19 situation. Many have strategies in place to protect networks, endpoints, and systems. They have policies in place to keep tabs on business IT assets. They ensure that systems are constantly patched while temporarily disconnected from the office network. Antivirus monitoring still occurs. Their IT Managed Service Provider has already helped to secure remote access to systems and manage endpoint controls to keep their business secure.
This list is for businesses who did not have a plan in place and are rapidly shifting. There is plenty that you can do to protect your business while having staff temporarily working from home. It is extremely important that you implement multi-factor authentication (MFA) for your email platform (Office 365, Gmail, etc.) and for VPN access. MFA is the best way to reduce the most likely cyberattack vector, credential harvesting via email phishing.
The following is a list of things that you can ask of your remote workers. Some of them will be able to tackle these tasks on their own, others will need help. Do what you can now and circle back to close any gaps as time permits.
Checklist for easy ways to step up remote security
- Develop practical, easily implemented, work from home security strategies.
- Update the firmware on home Wi-Fi routers.
- Set a new admin password on your home Wi-Fi router.
- Save the non-business Internet browsing, social media, email, and chat for your personal devices and your home/personal Wi-Fi network.
- Devices accessing and storing any sensitive, confidential, or personally identifiable information (PII) should be encrypted.
- Be on the lookout for email phishing scams designed to harvest your credentials and gain access to your work or personal email.
- Proactively change passwords that haven’t been changed in the last 30 days
- Consider the following:
- Workstation (Windows or Mac) login
- Office 365
- Windows Active Directory
- Personal email
- Wi-Fi Router admin credentials
- Wi-Fi wireless password (SSID & Guest)
- Consider the following:
Ask for security resources
If you are using IT assets owned by your employer, it is important that you consult with your IT personnel or IT Managed Service Provider before acting. They may already be managing some of these things for you and/or ad hoc changes might cause other issues. Do you run a business and would you like help managing the above tasks proactively? In other words, without having to rely on your personnel to do this on their own? Contact Go West IT. We will be happy to help, and we have resources standing by to tackle this for you.
Zia Consulting thanks David Lewien and Go West IT!