Remote working or working from home has come to the fore for many organisations with the COVID-19 pandemic. As a result of this pandemic, many organisations’ cyber security defense lines suddenly expanded and became more complicated.
We have covered everything about remote working and its related cyber security risks for organisations, which offer or plan to offer their employees remote working opportunities.
If you would like to learn more about these, we highly recommend checking this guide.
Contents
Cyber Security Risks Related to Remote Working
Keeping the systems and data safe within the organisation is much easier than keeping them safe outside of the establishment building or in systems that are not even under the organisation’s control. When you allow your employees to work remotely, firstly you need to understand that important data will now extend beyond the physical boundaries of the organisation.
Besides this, the type and number of incoming connections to the organisation will also change. Critical systems are not available for access over the internet for many organisations. However, now they have to be available for access over the internet.
While the employees of the organisations working only in the field of sales and marketing used to connect remotely, today, even the accounting department employees will also need to connect remotely. Thus, it is quite natural that some unforeseen risks come into our lives.
The main cyber security risks that arise in the remote working model can be listed as follows.
- Connections
- Keeping data outside of the organisation
- Employees working remotely
What Should You Consider While Allowing Remote Working for Your Employees?
Below, you can find some recommendations to request from your employees. Following these recommendations can significantly reduce cyber security risks related to remote working.
Use VPN Services
VPN stands for virtual private network and employees need to use VPN services while connecting to organisation systems remotely. In this way, you can manage your employees as they are already working within the organisation while ensuring the security of the connection.
VPN services ensure that the employee has an encrypted connection that cannot be tracked by others. Thus, employees will not only access the systems safely. This will also allow us to track which user connected to which system and when that particular user connected. Since you adopt the remote working model and your employees are outside the organisation, this topic has critical importance.
Consider Using Cloud Systems
When you allow remote working, it is not necessary that the systems your employees connect to, and use are within the organization.
It may make sense to move servers and systems to the cloud or to a data center. Especially in cases where the organization’s internet connection may be insufficient or when the server, infrastructure, etc. components to be connected may cause performance problems.
In this way, you can overcome the capacity problems without making additional investments and ensure business continuity.
Employees of Remote Working
Employees working remotely may encounter some risks that they are not exposed to in the organisational environment. Some of them may be due to not being physically in the office environment while some may be due to the comfort of being at home. For example inserting your kid’s USB into your office laptop or checking your email from an outdated mobile device.
This is why it is highly important to inform your employees about what they can do, or they cannot do in the remote working model.
What Are Technical Measures in the Remote Working Model?
Besides regular issues, an organisation should consider some technical measures to ensure the safety of its systems and eliminate cyber security risks. Some of these technical measures are:
2-Step Authentication
It is very important that all users log in by using 2-step authentication methods. One of the most effective methods against possible password theft is sending one-time passwords to the mobile phones of your employees.
CAPTCHA
You can provide extra protection for your login screens against brute force password guessing attacks with CAPTCHA systems.
In addition to this, it is also recommended that users use hard-to-guess passwords that are at least 12 digits long. Users also need to use lower and upper cases, symbols, and numbers in their passwords.
VPN Connection Monitoring
You should not accept any connection type other than VPN. It is very important to ensure all connections over the VPN services and monitor these connections. It is very important to closely monitor which users are connecting to which systems.
If you already have a SIEM investment, it may be useful to code a few alarms and alerts about it.
User Account Monitoring
Organisations must consider the security of user accounts and organisational data rather than the security of operating systems. For this purpose, it is important to monitor which accounts have which authorisation and keep track of the requests and processed data.
At this stage, organisations should take some technical measures. These include Active Directory security, auditing account authorisations, and the use of a DLP solution.
Physical Security
There is always a risk of theft of devices such as laptops or tablets belonging to the organisation. You need to prefer disk encryption to prevent thieves from accessing organisation data in stolen devices.
Cyber Security Hygiene
Under these conditions, the importance of basic cyber security hygiene rules is increasing. Issues such as keeping the software installed on the systems up to date, installing antivirus software, evaluating the risks that may arise from the software used in functions such as compression or PDF reading will be more critical than ever.
Besides these, additional precautions should be taken by anticipating that applications, whose security level has not been improved until now because users used to access them from the local sources, can open up to the outside world at any time.
How Can We Help You for Remote Working Models?
If you are planning to increase the number of employees, who will switch to a remote working model, MS Cyber Security can help you get through this process more safely.
We can provide the following services to minimize the cyber security risks for remote working models.
Remote connection stress tests. We can reveal possible weaknesses and vulnerabilities by making tests based on your current connection types and the number of remote personnel.
SO/HO security tests. We can help you to take the necessary measures about the security vulnerabilities that may affect the systems owned by the personnel working from the remote office or from home.
Connection security tests. We can identify the possible attacks that your employees may suffer, including the type of used VPN, and provide solutions.
Active directory and user account security. We can offer suggestions for improvement by auditing the security of user accounts and ensuring the correct configuration of Active Directory.
Improvement of SIEM rules. We can help you to determine the SIEM alarm rules that can detect the dangers that may arise from the remote working models and remote connections.
Cloud migration services. We can help you to determine which systems can be moved to the cloud or data center and the minimum technical standards of these systems.
As MS Cyber Security, we can provide services and solutions for the remote working model in your organisation. You can contact us at any time to get information and receive a free quote.