But be wary of phishing attacks that steal VPN-related account credentials. Use the dedicated enterprise VPN servers only on your work laptop or desktop to make the connection between your network and the office’s secure.
NOTEWORTHY HOME SOFTWARE
Use security software provided by your company, follow company data protection measures, and do not mix personal browsing and activities while working. If use of personal equipment cannot be avoided and you have to use your own machine, keep it as close as possible to office security standards.Work-issued laptops or machines should be for employee use only other members of your household should not have access to your dedicated work equipment. Do not use your personal machine as it may have fewer security controls than your company-owned hardware. Use a company laptop for remote work if possible.
Security teams can find more considerations for their company policies in the SANS Institute’s guide to securely transitioning to work from home. Regulate access to VPNs, and require users to renew their logins periodically (e.g., allow a maximum of 12 hours of access each day per user and automatically log users off from the service). The increase in mobile workers means that organizations should have enough virtual private network (VPN) licenses and network bandwidth to accommodate the number of users.
Ensure that there are enough VPN licenses.Follow the 3-2-1 rule in backing up data: Create at least three copies of the data in two different storage formats, with at least one copy located off-site (e.g., provide external SSD or HD drives). Equip employees with intrusion prevention and protection against data loss and theft, preferably through IT-approved company-issued laptops. Assess your security and establish clear guidelines on remote working as aligned with company policies. Preconfigure work-from-home arrangements.Passwords have time and again been hacked, leaked, or stolen. Make sure to have logins set up to not rely on passwords alone (e.g., use authentication mobile apps or biometrics). Many major websites and services are implementing two-factor authentication (2FA).
0 kommentar(er)
