Subscribe: Stay in the know with a 99-cent subscription to the RGJ
NCET helps you explore business and technology.
Businesses of all sizes are transitioning their workforces from their “work from home” models back to the physical office, but many are opting continue to allow their employees to work remotely, re-architecting their entire security strategy along the way. In doing so, unintended security risks are being introduced to business networks, and a simple VPN connection isn’t the all-in-one solution.
Often overlooked is the importance of securing those remote devices and network segments beyond the employee’s machine themselves. Home networks become an extension of the business network, introducing a wide variety of risks to critical business internals, which are oftentimes outside the control or management of organizational IT. Some businesses provide company laptops and mobile devices for their employees to work remotely (good idea), while others opt to allow their employees to use their personal PCs (bad idea). Either way, connections from within the user’s home network open unexpected back doors, increasing the attack surface to the user and the business network.
Here are a few tips that may help enhance your network security experience for remote and work-from-home employees:
Always use virtual private network (VPN) connections
Regardless of your business model, it’s important to secure external connections into your business network. End-to-end encryption provided by VPN connections is important to secure network traffic regardless if users are connecting to your internal network, their cloud instances or external business resources.
Enable multi-factor authentication whenever possible
Implementing multi-factor authentication will add to the complexity of your authentication process, but there are benefits gained from the increased security that these layers provide, as well as the fact that doing so will satisfy many compliance requirements and minimizing account takeovers and tool hijacking.
Lock down your network appliances (and we aren’t talking about refrigerators!)
Remove those factory-default accounts and passwords. This is the low-hanging fruit and it’s extremely easy to perform a quick search for the default credentials for most devices, granting an attacker administrator access to your network. Be sure to disable unnecessary ports. Routers, switches and printers often ship from the factory with several remote access ports enabled by default to enable configuration and administration, allowing anyone to access them until they are closed down and secured. Ports such as 21, 22 and 23 are often forgotten and left unsecured.
Build a resilient (3-2-1) backup and recovery strategy (the most important of all!)
A 3-2-1 strategy is disciplined, reliable and cost-effective method of backing up your critical information. Three total copies of your critical data, but on different mediums. The first is a local backup to a server or PC; the second is backed up to an external or removable hard drive, then disconnected; the third is backed up to an online or cloud service. It’s important to practice recovering your data periodically to build confidence in your or your IT team’s confidence to do so.
I know we’re only scratching the surface here, but I will expand on these and other risks during the upcoming Biz CafĂ©. Please join me!
Learn about how to mitigate the work-from-home network risks to your business at NCET’s online Biz Cafe on July 8 at 3 p.m. NCET is a member-supported nonprofit organization that produces educational and networking events to help people explore business and technology. Find more info at www.NCETcafe.org.
Antonio A. Rucci is a retired counterintelligence special agent and U.S. Army warrant Ooficer who runs a private cybersecurity consulting firm in Knoxville, Tennessee performing penetration testing, passive network assessments and incident response professional services to both private government and commercial entities throughout the country.
"network" - Google News
July 01, 2020 at 12:02AM
https://ift.tt/2ZnO6ET
Work-from-home network risks to your business | NCET Biz Tips - Reno Gazette Journal
"network" - Google News
https://ift.tt/2v9ojEM
https://ift.tt/2KVQLik
Bagikan Berita Ini
0 Response to "Work-from-home network risks to your business | NCET Biz Tips - Reno Gazette Journal"
Post a Comment