Enhancing IT Security for the Remote Workplace 

Since the pandemic hit early in 2020, organisations have been coping with the new reality of a remote workforce and will only continue to do so in the future. 

A study conducted by Forrester on behalf of Tenable found that in the next 1-2 years, 77% of Australian businesses plan to have employees working from home at least once a week while 59% plan to make it permanent.

However, Covid brought with it not only a rise in remote work, but a rise in cybercrime. With a remote workforce comes new security considerations. 

Remote work presents a unique challenge for IT security due to home offices don’t usually have the same safeguards as in the office.

With remote working; employees are often using a work provided laptop with their own network devices and security. Patching devices remotely, pushing out new security policies to work devices, web filtering and firewall protection or work devices that are shared with other family member need to be catered for. Having a work device connected to an unsecured home network and to a corporate VPN can also be a problem facing many business leaders. 

Educating work-from-home staff on company IT Security standards 

Because of these reasons work from home employees is a high security risk. This is even more problematic when organisations are utilising a more traditional On-premises Active Directory/Group Policy and File Server/VPN infrastructure.  

At the office, employees are working behind layers of preventive security controls and do not have the same exposure risks as remote workers. 

However, with remote workers a modern workplace solution can reduce risks for your company by providing cloud delivered security policies.  

These new risks introduced by the remote workplace will always be there unless organisations manage this new attack surface.  

Some of the primary reasons that make work-from-home staff vulnerable to cyberattacks include the use of personal devices for work, not taking cybersecurity seriously, and unsecured network access. 

Hence, end user protection and the need to have IT Security policies in work from home scenarios are essential. These work-from-home or remote work policies can also be enforced with both technical and administrative controls. 

Bolstering security to block potentially malicious incoming attachments, using cloud-based web filters, and other cybersecurity tools become more and more important.  

Up-to-date training is essential as cybersecurity is everyone’s job.  

Tips to protect home computers in the remote workplace 

As remote work becomes more commonplace, it is essential for organisations to put in place the necessary IT infrastructure as well as applicable security guidelines and policies to minimize their exposure to cybersecurity risks. 

Here are some of the best practices that your organisation should consider that are critical to protect your work-from-home employees: 

Separate Work Devices from Personal 

Work devices should only be used for work purposes only. With remote work, it’s important to create boundaries between work and home devices. 

Without the proper policies in place, employers will have very little control of information that is on work devices. Confidential and proprietary information on company devices carry an enormous risk. 

While it may seem cumbersome to constantly switch between devices, this can help reduce the amount of sensitive data exposed if your personal device or work device has been compromised.

Multi-factor Authentication (MFA) 

We strongly recommend using multifactor authentication (MFA) not just remote workers, but all users, including admins. MFA is an authentication method where access is granted only after successfully presenting multiple pieces of evidence to an authentication mechanism.   

The first and most common evidence is a password. The other evidence may include biometrics, security keys, one-time passcodes, or push notifications. For very sensitive systems, MFA can even require multiple parties to sign on at once.

The best practice is to use an authenticator app like Microsoft Authenticator or Google Authenticator. 

MFA can dramatically reduce the risk of successful phishing emails or malware infections because even if the attacker is able to get one piece of evidence like your password, they are unable to login because of other authentication requirements. This stops attackers from gaining instant access to your systems. 

Web filtering

Web filtering technologies stop users from viewing certain URLs, websites, or content by preventing their browsers from loading pages from these sites. 

Cloud-based web content filtering solutions can combat malware, spam, malicious files, ransomware and annoying popups. 

Web filters or secure web gateways (SWG) can enforce your company’s browsing policies and protect employees and devices from malicious content and downloads without requiring to backhaul internet traffic via on-premises controls. 

Some web filtering solutions rely heavily on the limited metadata visible in DNS queries. These solutions leave too many security gaps.  

We recommend using next generation Secure Web Gateways (SWGs) that use web filtering to enforce company Internet access policies and strong filtering solutions that scan all content, regardless of the reputation of the domain in question.

Firewall and Antivirus 

Firewalls act as a line of defence to prevent threats from entering your organisation’s system.  

Traditional firewalls create a barrier between your employees’ devices and the internet by closing ports to communication. This prevents malicious programs’ entry and can stop data leaking from employees’ devices. 

Within the cloud environment, there are also cloud firewalls that block cyberattacks directed at cloud assets. They form a virtual barrier around the cloud platforms, infrastructure, and applications, just like traditional firewalls forming a barrier around the organization’s internal network. 

Deploying a cloud-based next generation firewall in Azure or AWS gives companies the ability to provide consistent, secure connectivity to their employees.  

Although a firewall can help, threats will inevitably get through. It’s vital to ensure antivirus is in place and fully updated.   

A good antivirus software can act as the next line of defence by detecting and blocking known malware. Antivirus software takes the hard work off your hands by offering automatic remote work security against a host of threats. 

Ransomware Protection 

Utilising an advanced Antivirus that offers ransomware protection will greatly reduce the risk of data loss and encryption on work devices and should be an extremely high priority for organisations as this is one of the largest risk areas facing organisations.

Essential 8

The Australian Cyber Security Centre (ACSC) Essential Eight is a series of eight areas of focus developed by the Australian government’s cybersecurity division to prevent malware delivery and execution: 

• Application control  
• Patching applications 
• Patching underlying operating systems 
• Microsoft Office macro settings 
• User application hardening 
• Restricted administrative privileges 
• Multi-factor authentication
• Daily backups
   

We recommend focusing on each of these areas on an ongoing basis to remain up to date across the security threat landscape

System Updates and Hardening 

 Timely software updates help patch security flaws and safeguard the computer system. From your whitelisted set of applications, we recommend enabling automatic patch updating across the board for these applications. 

Many patches that are released are specifically to address a discovered software vulnerability. This will help you and your staff to prevent problems caused by delayed system updates.  

Ongoing updates not only remove bugs or improve features, but also eliminate new threats from being able to sneak in. It’s important to always apply application security patches as they are released. 

Similarly, the operating systems you use, whether Windows, Mac, or Linux, will have regular system updates too. The security patches released by these companies are critical to apply to ensure ongoing systems security, particularly on servers. 

Conclusion

As remote employees’ home networks are less secure than company networks, there is a lot that needs to be done to keep your IT environment secure.  

Your company’s confidential information is only as secure as its weakest link. The steps mentioned can help individual remote employees safeguard your organisation from cyberattacks and protect sensitive information.

A1 Technologies can help with security across threat detection and prevention, backup and disaster recovery, network security, managed hardware, secure email, and can perform cybersecurity assessments to see how mature your organisation is and where it must be. 

If you are struggling to keep up with the latest security updates or need a better way of managing security across your organisation, then come and speak to us. 
 

Clint Shiels

With over 20 years in the technology space and a background focused on Microsoft and Security, my methodology is to understand business requirements and outcomes first and foremost then set out a roadmap and delivery plan to achieve these through advisory and modern workplace delivery services.