While many companies are deploying a remote work policy to comply with State and local Health authorities’ direction, protecting your company’s infrastructure integrity is paramount. This is a significant cybersecurity issue that requires your attention. We’d like to offer some advice and recommendations as you implement your remote work policy to ensure the digital safety of your company and employees.
We’ll be updating this page regularly with new practices and information helping you protect your company’s data.
Best Cybersecurity Practices for Working Remotely:
- Deploy and enforce strong requirements for authentication. Complex passwords and the implementation of two-factor authentication (preferably with a token device) should be required.
- Use secure/encrypted communication channels such as secure VPN to access company assets.
- Exercise good judgement in regards to social engineering/phishing attacks. Beware of Coronavirus domains and spam email campaigns from false addresses.
- Enforce proper Antivirus and Patch Management protocols
- Create and distribute a work-from-home policy that highlights an employee’s responsibility to keep the security of company and client information in the forefront of their mind (e.g. we suggest companies establish a follow up phone call policy or two-factor authentication on financial or information requests made via email or chat means).
- Ensure all employees contact IT in the event of suspicious behavior on their machines.
- Limit the download of working documents onto personal machines and/or devices.
- Secure in-home routers correctly through proper configuration.
- Ensure that proper back up procedures are in place and are successfully executed.
- Disable pop-ups on home system web browsers and ensure they are updated to the most recent release.
- In public places try to use mobile hot-spot on your device, turn off wifi function and use private browsing.
- Beware of inserting USB devices to your computer. Especially, if they don’t belong to you.
- Install updates regularly.
- Beware remote desktop tools.
- Lock your device when unattended.
- Check URLs to see if SSL encryption is implemented (a little lock next to the URL).
- Keep in mind, the Center for Disease Control and Prevention (CDC) will never directly send you emails. If you received one, don’t click on any links or download any files.
More tips and practices can be found on our webpage at itservices.5nines.com/working-remotely/. We’ll be updating this page regularly with best practices and information helping you protect your company’s data.
5NINES Managed Services offers Remote User Management and Setup Plan of $20 per user/month plus one-time set-up fee of $100. This includes our 7×24 call center, asset tracking, monitoring & security, configuration management, anti-virus protection and regular patch updating. If you are interested in implementing our service or learning more, please email us at firstname.lastname@example.org or give us a call at 608.512.1000.
Stay safe and secure during these unprecedented times.