Cyber security checklist for remote working

As many organisations settle into the new way of working for everyone, connectivity and collaboration are important discussion points, but another factor can obviously not be ignored… security.

Relying on remote workers to address this on their own is not an option and, for many, the right processes, training, and technology may not be in place anyway.

In this blog we look at some of the key issues and how you can help your colleagues to work from home and stay secure.

The challenges we are seeing:

  • Using unsecured home Wi-Fi networks
  • Using insecure devices for work
  • Increase in phishing scams targeting your remote workforce

Our checklist recommendations:

  1. Use strong passwords
  2. Use 2 Factor Authentication or Multi Factor Authentication
  3. Use VPN
  4. Ensure firewalls are configured properly
  5. Secure the endpoint
  6. Keep your systems patched
  7. Always use back-ups
  8. Be vigilant for phishing emails and malicious websites
  9. Add Email and Web Content Filtering
  10. Turn your users into Wi-Fi experts
  11. Add security monitoring
  12. Beware Shadow IT

Our checklist explained:

Use strong passwords
Do not use the same password for everything. Free password managers like LastPass can greatly simplify your life by generating a different complex password for each system you use, whilst storing them all securely and automating your login.

2 Factor Authentication or Multi Factor Authentication
Multi-factor authentication, using text messages, biometrics or PIN codes that are generated for you, will protect you if your password is stolen.

Use a VPN
VPNs protect your online privacy and ensure that your corporate communications are secure. They prevent attackers from reading your traffic by encrypting the data. VPNs consume more bandwidth and can be slow; however, they do support remote access to critical systems.
Be sure to check:

  • You have enough bandwidth to sustain long periods of remote workers on VPNs without compromising the availability of other corporate resources. Consider a back-up line to ensure that if connectivity drops, you have a contingency in place.
  • Your firewall or remote access termination point isn’t a single point of failure. If it fails, would your users be able to work?
  • You have enough licences. Many VPN providers allow unlimited clients to be installed but then limit the number of users that can be on the VPN at the same time.

Ensure firewalls are configured properly
Firewalls are your frontline when it comes to security. Ports and services should be configured securely and only in the context of your business requirements. Additional security controls, such as UTM, email content filtering, web content filtering and malware detection, are all great add-ons that will add further protection to your operations.
Be sure to check your firewall configuration regularly.

Secure the endpoint
Malware is on the rise; attackers are already manipulating fear associated with COVID-19 to exploit remote workers. Endpoint detection capabilities for malware are essential. Where possible, you should deploy next generation malware protection such as SentinelOne, as these have greater ability to detect new and unclassified attacks that traditional antivirus misses. They also have the added benefit of isolation, remediation and rollback features to remove the need to pay a ransom!

Keep your systems patched
This is critical: patching must be maintained to reduce the chance of malware exploiting a vulnerability that could have devastating effects across an organisation.

Always use back-ups
What would happen if you lost your data? The cause can vary, from hardware failure to an application crashing or device theft.

Users of Office 365 or other cloud-based productivity applications should always create documents in the cloud, where back-up is automatic and disaster recovery is built in.

If you’re a OneDrive or Google Drive user, save your document to your local folder to make sure it’s saved in the cloud too (you need to be connected to the internet for this to work).