IT & Cyber Essentials For Working Remotely
*This post is written by our co-founder and originally posted on LinkedIn here.
Allowing remote working is one of the biggest requirements in the IT & cyber world right now.
Our March 2020 Boardish Analytics report (https://boardish.io/monthly-analytical-cyber-reports) shows us that “Immobility” has the highest increase of all threat counts for this month, with an increase of 42%
We decided to share some of the basic essentials to allow remote working in a secure way:
IAM Solutions ( Identity Access Management ):
Mainly when working on Cloud Solutions / SAS – enabling IAM features will make a huge difference between working remotely and working remotely in a secure way.
- Enable MFA – Multi Form Authentication (if you have done so yet – no excuses – your identity WILL BE HACKED )
- Use Geographical limitations – enable login only for locations in which you have a “logic” / “need” to work from.
- Connect DEVICE to a USER – make the connection between the device and the user – when doing this you can even enable some access from BYOD devices if you can verify they have the basic required level of security.
Our March report has also shown us a HUGE spike of 371% in “Video Conferencing” as a solution for most ‘immobility’ threats.
* Note: Before the Coronavirus outbreak – Video Conferencing wasn’t considered a “solution” for IT & Cyber Threats.
Video Conferencing solutions are one of the easiest ways of mitigating the current risk and enable business continuity, both internally and with your clients.
Note: that many of Video Conferencing vendors (Like Microsoft with TEAMS ) are offering free tiers for this Coronavirus period.
Most of the “last-gen” phone solutions support VoIP connections, either via applications or devices, it’s now easier than ever to get you phone extension in any location, including your home if required.
Secure Internet Connection:
This is something that is overlooked in many cases when working from home, in most cases, your home router is just not stable enough nor it is secure enough.
We recommend using business-grade routers for your critical employees that are part of your business continuity program, this will make a huge difference both on the stability of the connection and of course securing the connection from unwanted listeners.
VDI & Terminal Server solutions:
In my professional opinion, this is still of the best ways to allow access to your sensitive programs in a secured and controlled environment, even if you are connecting from a BYOD device.
The ability to isolate specific software for specific users and the combination of VDI solutions with IAM makes it of the best possible remote working solutions.
Even a basic terminal server with a locked-down GPO will provide a much more secure environment than working directly on your BYOD computer and more functionality in some cases than your laptop via remote connection.
Cloud solutions like file-sharing platforms and online email platform makes the perfect “work everywhere” solution, the productivity factor is huge.
The same solution requires additional security, mostly to make sure you can differentiate sensitive information from non-sensitive, as well as enforce that only authorized sharing of data will occur,
We see in our Boardish ecosystem that most companies that use Cloud Security combine it with their IAM to achieve user & data visibility and enforcement.
We highly recommend having visibility and the ability to enforce your users ( remote and local) cloud activity.
How can you quantify these solutions ROI? – use the Boardish Methodology, below is a sample dashboard we made.
Immobility is a quantifiable threat.
Quantify it and you’re much likely to get fast approval for solutions. (The free version of Boardish all that you need for this scenario.)