16 March 2020

Don't let "work from home" become a weak link in your data security effort (edited)

  • By Loïc Calvez

I wish I did not have to write this one, but it looks like I must. In these times of chaos, where we all should be focusing on the safety of our families, friends and communities, it appears that some groups are still dedicating themselves to going after our data. Recent malware has appeared in the form of COVID-19 maps, and plain old regular malware hidden in documents of all shapes and sizes is still raging. I will leave the recommendations on hand washing, social distancing and all other good precautions for our health to the respective government agencies that are already publishing great guidance on the topic, and I will focus on data security.

Many companies have been forced to accelerate the deployment of a work from home program, so here is a quick checklist to ensure you are covering the basics to keep your data secure (more important than ever, since many of your endpoints will no longer be protected by your Next Generation Firewall):

  1. You still need to patch those remote systems! Use a tool that can patch those systems anywhere, or reconfigure them to use the included Automatic Update.
  2. Keep that Anti-Malware up to date: make sure your updates are applied when the devices are not in the office.
  3. Encrypt those hard drives! With more systems in more locations, you increase the risk of theft, so make sure your data is encrypted at rest.
  4. Use proper collaboration tools! Yes, sending documents by email can work, but email is still fairly insecure. Use collaboration tools such as Office 365 or G-Suite that can ensure the security of your documents while allowing you to share them with others.
  5. Try to use a wired Internet connection: not all home WiFi networks are properly set up with at least WPA2 and a strong password.
  6. No games on business devices. I know that for many the kids are home for several weeks, but so many games have been shown to include malware that it is not worth the risk (not counting accidental document deletions and emails to the boss linked with young hands on keyboards).
  7. If you must allow VPN to business networks from personal devices, limit the scope (no need to allow all networks and all servers) and make sure to apply 1, 2, 3, 4 and 5 above (consider deploying your corporate Anti-Malware to personal devices).
  8. Back up that data! Just because more systems are now sitting outside your office does not mean you should stop backing up that data.
  9. Be more careful than ever about emails: processes may have changed, employees are more stressed, and people may be filling multiple roles. Think thrice before you open an attachment or click on a link.
  10. Stay connected! Working from home does not mean working alone. Use collaboration tools such as MS Teams or Slack to stay engaged with everyone. Many Office 365 plans already include Teams (here); you can also download the free version (here).
  11. EDITED: Another good one I saw elsewhere and thought I should add: make your work device part of your home "guest" network (if possible). It will be less exposed to your other home devices, and that network often also includes device isolation settings.

Happy working and let's Flatten the Curve together.