With an influx of employees suddenly working from home amid the current health crisis, secure remote working is now top of the agenda. However, switching from a trusted and secure office environment at short notice to work remotely can cause IT security issues. This isn’t helped by the fact that cybercriminals are using the coronavirus as material for their phishing scams, banking on unwary employees clicking on malicious links.
With secure remote working in mind, the European cybersecurity agency ENISA has set out a series of recommendations for companies moving to teleworking as a result of Covid-19. The agency has already seen an increase in coronavirus-related phishing attacks and recommends, that employees do not mix work and leisure activities on the same device. There is a particular focus on any emails referencing the coronavirus as “Attackers are exploiting the situation, so look out for phishing emails and scams,” ENISA said. They have also warned remote workers to be suspicious of seemingly legitimate emails asking to check or renew passwords and login credentials. This is also relevant for emails sent from individuals you are not acquainted with, asking to open attached files. These are usually sent with an aura of urgency, designed to panic the end-user into clicking the files.
The National Cyber Security Centre (NCSC) has issued a similar warning about coronavirus-themed phishing attacks. Employees and organizations can implement certain procedures to help maintain productivity without increasing cybersecurity risks.
Due to the current Covid-19 epidemic, more people are being asked to work from home. This presents many companies with logistical IT issues and introduces new Cyber Risks to network infrastructures. The following is a list of secure remote working methods that can be implemented.
Many companies now use Office 365 and G-Suite for their daily work, and this is a great way to allow remote working as all data is accessible from any location. Please enable two-factor authentication on all cloud services that support it as this protects against malicious third-party access to your data. You can also employ secure DNS servers or secure VPN servers to secure your internet traffic when connecting to cloud services from insecure locations such as airports and coffee shops.
If your data is not in the cloud but on local servers in your office, then it is recommended to use a secure VPN service to connect remote laptops to your office servers in a safe and secure manner. The secure VPN service allows remote laptops and desktops to operate as if they were located in the office premises.
If your company has mostly desktop computers and it is not logistically possible for staff members to take the equipment home then utilizing secure remote desktop services such as LogMeIn, Team Viewer or Splashtop may be the solution. This remote access software allows you to access your office computer securely from any location and use it as if you were sitting at your desk. This allows internal servers and services to be accessed in a safe and secure manner.
At CYFOR Secure our standard service allows secure remote desktop access to your computer and we automatically route all your Internet requests through our secure DNS servers to protect you when working from unknown locations. We also have enhanced Cyber Protection Services to ensure your data stays safe in these difficult times. If you are concerned about home working and cyber risks, then please contact the CYFOR Secure team.