Don't Overlook Security Now That You're Remote

Updated on March 17, 2020
Patrick Dunn profile image

Patrick Dunn is an Information Technology Consultant for small and medium businesses in the Tri-State Area

With the rush to ensure business continuity amidst threats like COVID-19, companies are left rapidly deploying a remote workforce infrastructure. We as IT professionals must ensure our employees are briefed on the cyber-security threats that exist on a remote connection. A secure remote contingency plan will ensure that any situation, present or future, won't restrict the continuity of your business. While vendors and MSPs aid in deploying solutions, hackers are already looking for ways to capitalize on holes within a network's security.

Lone office worker
Lone office worker | Source

The main priority is to "get my team set up to work remotely, and yesterday." Because of this, network security protocols become secondary and often overlooked. The threat to your networks has increased dramatically, and hackers know this...and they're going to capitalize on this any way they can.

One of the most recent and notable incidents was an attack aimed at an interactive COVID-19 tracking map provided by Johns Hopkins University. The map was targeted by hackers who were selling malware claiming to compromise the map and infect users. The users were prompted to download software to view the map which contained malware infecting their network. There have even been emails posing as government sites tricking users to click links in order to learn more, but ultimately leading to users unknowingly infecting themselves with malware, and this is only the tip of the iceberg.

Going back to your email Inbox (which can be a great playground for hackers), think about how easy it would be to first hover over a link in a message before just simply clicking on it.

— Michelle Gibbs

Unfortunately, smaller companies don't have the time to integrate a brand new solution into their network when disaster strikes. They have to use the tools they currently have and deploy them as quickly as possible to mitigate any threat to their business workforce. Most of the industry leaders workforce's have the ability to go remote as quickly as sending out an e-mail, however, IT departments for smaller companies who aren't set up for these situations due to bandwidth restrictions or a telecommunication service are stretched thin.

The best thing to do before all else is to inform your users of the threats that exist via an email or meeting before you allow them access to your network remotely. Yes, we need to keep business moving, but a costly setback due to a malware attack will cause more work and time than an email and/or a quick call will.

“Despite international efforts to quell the virus, the World Health Organization recently classified this as a global pandemic; online scammers are trying to exploit this uncertainty through phishing attempts and bunk domain names,”

— Charles Poff, chief information security officer at SailPoint Technologies Holdings Inc.
Workspace
Workspace | Source

Take the time to re-educate your employees on the importance of always staying connected to the network through a VPN tunnel and how the security of the entire network can be compromised by clicking one link or attachment in an email. Take the time to send out an email outlining your procedures and don't assume they should know, and if you trained them before, review it again. You'd be surprised at how many employees simply "don't know" the risks.

While COVID-19 will become a memory in the months-to-come, the preparations and implementations of today will follow your business for years to come. The ability to switch your office to a remote setup at a moments notice will ensure that any situation that will arise, and it will again, provides your business with the continuity it needs. Providing your workforce with a means to work remotely and training your employees on proper security measures will protect the integrity of your network, the efficiency of your workforce, and the scale-ability of your company.

Tips to informing and mitigating the threats to your network users on a remote connection.

  1. Walk them through the process of connecting through a VPN tunnel
  2. Send out a questionnaire regarding security to see how knowledgeable they are on your current security procedures
  3. Notify them of the emails they may receive that could contain malicious links and attachments
  4. Integrate multi-factor authentication
  5. Hire a company to do a penetration test on your network to discover where your security may require more layers
  6. Make sure your network users have what they need to effectively work from home and keep personal devices off the network. If you're a BYOD, consider using a remote desktop
  7. Stress the importance of keeping personal browsing off of company devices, and encourage them to use personal devices when they need to take a break

Questions & Answers

    Comments

      0 of 8192 characters used
      Post Comment

      No comments yet.

      working

      This website uses cookies

      As a user in the EEA, your approval is needed on a few things. To provide a better website experience, turbofuture.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

      For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://maven.io/company/pages/privacy

      Show Details
      Necessary
      HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
      LoginThis is necessary to sign in to the HubPages Service.
      Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
      AkismetThis is used to detect comment spam. (Privacy Policy)
      HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
      HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
      Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
      CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
      Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
      Features
      Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
      Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
      Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
      Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
      Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
      VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
      PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
      Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
      MavenThis supports the Maven widget and search functionality. (Privacy Policy)
      Marketing
      Google AdSenseThis is an ad network. (Privacy Policy)
      Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
      Index ExchangeThis is an ad network. (Privacy Policy)
      SovrnThis is an ad network. (Privacy Policy)
      Facebook AdsThis is an ad network. (Privacy Policy)
      Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
      AppNexusThis is an ad network. (Privacy Policy)
      OpenxThis is an ad network. (Privacy Policy)
      Rubicon ProjectThis is an ad network. (Privacy Policy)
      TripleLiftThis is an ad network. (Privacy Policy)
      Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
      Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
      Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
      Statistics
      Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
      ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
      Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
      ClickscoThis is a data management platform studying reader behavior (Privacy Policy)