REMOTE WORK
Securing a Remote Workforce
A Quick Guide to Keep You
and Your Employees Protected
Keeping Business Secure in a Work From Home
Environment
Employer Perspective
Review overall IT setup –
network, VPN configurations, devices, ports, etc.
FBI reports 300-400% increase in cyber attacks since the pandemic began.
Require employee cybersecurity training.
95% of cybersecurity breaches are caused by human error. - IBM
Heighten security on VPN connections and remote access.
“As organizations use VPNs for telework, more vulnerabilities are found and targeted by malicious cyber-actors” – Alert by US Department of Homeland Security
Mandated password policies and strong protection measures.
Establish multi-factor authentication
on remote sessions and monitor remote activity
80% of hacking-related breaches involved compromised and weak credentials.
- 2019 Data Breach Investigation Report
Update security software – to protect against phishing emails and ransomware.
Phishing is the top attack on businesses – responsible for 90% of security breaches. – 2019 Data Breach Investigation Report
Setup proper firewall configurations and endpoint protections.
Over 70% of data breaches occur at endpoints. - Security Magazine
Distribute company-issued devices –secured and controlled by IT or implement BYOD policy.
Backup data in a centralized cloud -
to allow for team access while managing and protecting data.
Prepare a cybersecurity events plan -
to quickly deploy remediation measures.
The average lifecycle of a breach is 314 days from the breach to containment. - IBM
Employee Perspective
Be aware and stay vigilant –
much greater threat landscape for phishing scams.
Google blocks 18 million COVID-related phishing emails daily.
Secure home WiFi routers
and change default equipment passwords.
Lock all devices.
Create hard to guess logins and passwords –
do not use the same credentials for accounts.
Set up multi-factor authentication.
Only 37% of people use MFA at work. - LastPass
Follow all company policies -
pay close attention to IT notifications and install updates, immediately.
Almost 60% of data breaches in the past two years were caused by
missing patches. - The 2020 Cyber Hygiene Report
Access and save data
in company file storage system, such as SharePoint.
Avoid working on open WiFi networks
and create a guest WiFi network if you are sharing your internet in
your household.
35% of exploitation activity stem from man-in-the-middle attacks. - IBM
Disaster Recovery as a Service
In the event of a man-made or natural catastrophe, Disaster Recovery as a Service (DRaaS) has the capability to replicate and recover an organization’s entire digital infrastructure, including data, storage, servers, applications, and software. Organizations that are exposed to volatile environments or unpredictable weather conditions should especially consider DRaaS as an investment in their back-up strategy and an important component to their business continuity plan. DRaaS is a great first step for companies looking to assess the cloud. Many SMBs are adopting DRaaS because it means they don’t have to create and maintain their own off-site data recovery environment, but can rely on an outside provider to get them back in business as soon as possible if disaster strikes.
