Expert Take: 6 Tips for Secure Remote Working

14 May 2020 by Guest

Stephen Crow on Secure Remote Working

Authored by Stephen Crow, UKFast’s Head of Security and Compliance

The transition to mass home working over the past month or so has offered little time for companies to formulate secure remote-working policies. As a result, threat actors have taken much delight in exploiting common flaws in remote working, and the wave of coronavirus-related cyber-threats is still being experienced across the world.

At UKFast, we’re fortunate enough to have a team dedicated to security and compliance to help the company transition smoothly and safely to remote working, while also providing support and guidance for our customers throughout this challenging time.

The statistics show that more than half of IT and security professionals are concerned about the safety of accessing their corporate networks from outside the office. With home- and remote-working security at the forefront of everyone’s minds, below I’ve highlighted a few ways in which your business can optimise security for remote workers.

1. Secure remote-working setups 

Regardless of how your team connects into the office, the process of employees accessing resources needed for the working day must be secured. Crucial steps are:

  • Limiting the need for employees to take data and files outside of your office network by setting up a formal, secure remote connection such as remote desktop or VPN access – as well as obligatory communication channels designed for business use. 
  • Ensuring all devices used are equipped with basic protection such as antivirus, antimalware and host-based firewalls, where possible. 
  • Considering additional firewall configurations to allow your office network to cope with an increase in external traffic from employee devices (if using a VPN). 
  • Implementing intrusion detection and intrusion prevention systems (IDS/IPS) within your office network to further protect against malicious traffic. 

 2. Implement zero-trust policies  

Zero trust assumes that threat actors are present both within and outside of your organisation’s network. It is a crucial aspect of securing a remote-working setup. Core principles of zero-trust architecture include:

  • Adopting the principle of least privilege when managing user access. Each member of your team is only given access to files, folders and drives which are essential for their role. This reduces the number of people with access to business-critical information and the number of entry points which attackers can target.
  • Segmenting office networks into zones, with highly sensitive information separated from widely available resources and only available to specific user groups. 
  • Using multi-factor authentication (MFA) to ensure that only verified users successfully connect to your office network. 
  • Employing software which allows the management of remote devices, such as mobile device management (MDM), to form a base level of security which all devices must meet before their connection is permitted. 

 3. Prevent data loss 

As we’ve seen with a lot of businesses recently, the rush to maintain normal levels of collaboration across teams now working outside of the office often leads to using unsecured communication channels and this can result in data loss. I’d highly recommend implementing a data loss prevention (DLP) strategy. It is a key step to maintaining data protection policies within the office and beyond. Without a DLP policy in place, your business risks data loss or a data breach if sensitive or personally identifiable information is compromised.

Three steps to follow are:

  • Establish DLP and secure communication policies within your remote working strategy.
  • Select a channel of communication which allows customisation of policies to suit your security and compliance needs.
  • Mandate the use of the approved channels to avoid insecure data access and sharing.

 4. Maintain compliance 

Compliance strategies are often built around office working and may not consider employees or devices leaving the safety of the company premises. If your business does not consider how industry standards will be maintained throughout a remote-working scenario, you risk unintentional non-compliance.

Methods mentioned above, such as DLP, MFA and MDM, all help your business to gain greater control over user and device access to business information, aiding compliance. Other practical steps for maintaining remote working compliance include but are not limited to:

  • Continuous management and review of security policies 
  • Restricting user access to only necessary resources 
  • Implementing a formal remote-access policy 
  • Providing online security awareness training 
  • Implementing secure ‘bring your own device’ (BYOD) policies 

 5. Raise employee awareness  

As a new wave of cybercrime takes hold, thanks to COVID-19 clickbait and incorrectly configured remote-working setups, employee awareness must be a top priority within your team. An employee only needs to download an infected attachment, click a malicious link, or give attackers the one piece of information they need, and the security of your entire organisation is compromised.

At UKFast, we regularly run phishing campaigns to test the competency of employees. These tests assess the ability of employees to identify and report suspicious emails, links and attachments. Anyone who fails the test – clicks on a malicious link, inputs credentials and so on – is given further training to improve their awareness.

Providing official documentation outlining how your team can follow security best practices, wherever they are, also helps. This should cover:

  • Securing home Wi-Fi networks by replacing default credentials and enabling privacy settings 
  • Locking devices when they’re away from their screen 
  • Ensuring monitors do not face a window 
  • Encouraging the use of strong passwords and password manager tools, while discouraging password sharing and reuse 

 6. Protect against cyber-attacks 

The importance of employee security awareness has only been reinforced by the increase in cybercrime experienced during global lockdown.

With a dependence on online communications part and parcel of remote working, attackers have really taken advantage of unsuspecting employees via clickbait phishing emails and highly personalised, fake messages intended to steal user credentials and business data.

While DDoS attacks aim to knock company networks offline and halt remote-working operations from the top down, phishing attempts, malware and ransomware continue to be the most significant threats facing remote-working teams at user level. Google’s Threat Analysis Group reported a 350% increase in phishing emails from January to March 2020, with 18 million COVID-related malware and phishing Gmail messages detected per day in April.

Simple and secure remote working 

Overall, there’s never been a more critical time to review and improve your business’ security strategy. We’ve seen a huge uptake in cloud-hosted desktops, virtual desktop infrastructure (VDI) and virtual private network (VPN) solutions as businesses get to grips with the most secure ways to access the office remotely.

As lockdown measures continue to change and evolve on a weekly basis, remote working is fast becoming not just a short-term tactic, but a long-term strategy for businesses across the world. We’ll be continuing to support our customers in whatever way we can as we emerge into the ‘new normal’ over the coming months.

If you want to know more about UKFast’s secure remote-working solutions, speak to an expert today on 0800 953 9903 or head over to our remote working page.