Within hours of the State of California issuing ‘Safer at Home’ orders on March 19, 2020, AllConnected’s helpdesk, network, and application teams fielded over 200 tickets related to ensuring our clients’ new WFH employees stayed secure, healthy, and productive.
The lengthy pandemic, and the quick releases of new software, created a new class of employee: telecommuter, or remote worker, or work-from-home employee, who remain anything but “non-essential.”
What is also clear is that as the pandemic mandates end, many employees are not returning to the office. So our engineering team has assembled some important observations and recommendations below for your organization to ensure continuity of business operations with remote workers:
Most remote employees rely solely on email for their office communications, which is why Cybercriminals prey on email with targeted phishing attacks. Educate your employees to ensure they are on-guard against these types of attacks and ensure email filtering is in place for all users.
Whether the employee is using a corporate or personal computer, all remote users should have their Anti-Virus (AV) software and definitions current. Make sure that the AV is set to update automatically and run scans on a frequent basis.
You’ve known for years that Virtual Private Networks (VPN) give your remote workers a private, encrypted pathway over the Internet to your secure corporate network. That’s why today’s cybercriminals try to hack into your network by first stealing the VPN user’s “credentials”: username and password.
If the username is obvious and the password is weak, the cyber-attacker can gain access to your network and install malware, attack other devices, etc.
That’s why we recommend multi-factor authentication (MFA). MFA is both a strategy and a process of requiring than one proof of a user’s identity before allowing access to the network.
The password is the first form of user authentication. Secondary credentials include numerical codes sent to the user’s cellphone (most common), hardware tokens provided by the company, biometric scans of the user’s retina or finger, and tracking of the user’s location and work schedule.
A company’s MFA establishes a consistent form of authentication, which is especially important as company data moves to the cloud. MFA also allows organizations to keep track of which devices access the network, whether corporate or personally owned (BYOD, “bring your own device”). Organizations can then set access policies based on location – blocking requests from outside the United States, for example. Or they can block devices that don’t have up-to-date software.
Organizations that need to be HIPAA, NIST 800-171, or PCI DSS 3.2 compliant also require MFA for all VPN access.
With Cisco Duo you can:
If you would like to learn more about MFA and how it adds another layer of security to your business, see our article “How Secure Is Your Multi-Factor Authentication?“
Desktop virtualization technology allows remote users to access the same work session they would see on their PC at work but on their cell phone, tablet, personal PC, Smart TV, etc.
Originally called Terminal Services, Remote Desktop Services (RDS) is a collection of technologies designed connect remote users to applications or virtual desktops hosted on a server or hosted on a collection of virtual desktop systems. The user’s “session” functions completely within the server environment, rather than on their local device, which may be a personal device.
Depending upon your organization’s needs, AllConnected recommends using RDS, in which remote users interact directly with Microsoft’s Remote Desktop Protocol (RDP) on the server, or with Citrix Virtual Apps and Desktops (formerly Citrix XenDesktop).
Both Citrix and RDS work well for remote workers, the licensing costs are less with Microsoft RDS, but Citrix has some advantages, particularly when connecting from a mobile device and with complex printing needs. In both cases, we recommend never allowing the infrastructure to be accessed directly over the internet. For Citrix, a VPN or a front end Citrix appliance should be implemented. For RDS, a VPN or a front end RDS Gateway should be implemented.
Richard Pressler
AllConnected CTO and Chief Architect
Cisco Umbrella provides your remote users with a personal firewall.
Umbrella filters the DNS of all internet requests, identifying and proactively blocking malicious requests before a connection is established. It also blocks already infected computers from communicating with malicious servers so cybercriminals are unable to exploit the device further.
We all want to make sure our organizations continue to operate during a disaster or cyber-attack. That’s why AllConnected is dedicated to helping you develop critical infrastructure, disaster recovery and business continuity plans to fit the needs of your organization. If our team can be of assistance, please contact us at 805.526.1455, option 3, email us at covid19solutions@allconnected.com, or use the contact form below.
Cisco Umbrella is a cloud computing security gateway designed to protect you from malware, botnets, phishing, and targeted online attacks.
Compromised accounts are a big issue when passwords are overused, too simple, or...