Coronavirus is changing everything. But amid all the talk of shut-downs, quarantine, and stock market crashes, another huge impact of the current crisis has been a little overlooked: it’s consequences for cybersecurity.
With hundreds of thousands of employees now working from home – in the US, Europe, and all over the world – many companies have had to rapidly put in place systems for them to connect their home devices to corporate networks. Whilst most companies now know how to secure their business systems, including monitoring their websites and monitoring their servers, few realize that implementing secure remote working systems requires a similar level of focus on securing home networks.
In this guide, we’ll take a look at how to protect home devices that are connecting to corporate networks.
Lock Down Devices
The first step in doing this is to ensure that the devices that employees are using to connect to corporate networks are secure in themselves. When employees are working in the office, IT staff have a high level of control over the network and can ensure that their cyber threat intelligence
secures the perimeter of it. Once employees start using their home devices, they open themselves – and your network – to a new level of threat.
Employees should ensure that the security software on their home devices is up to date, and should be taught how to set up a strong password. Ideally, they should also segment the accounts they use at home from those they are using for work: this can be achieved by asking them to set up new usernames on their home computers, which they will use only for work.
When working remotely, employees are also likely to have to store sensitive data on their home devices. They should, therefore, receive training on how businesses should store data, including the importance of encryption even on their home devices.
Lock Down Home Networks
It’s equally as important that the home WiFi networks that employees use to connect to corporate networks are secure. If employees do not normally work from home, it’s unlikely that they’ve taken the basic steps necessary to secure their home networks, so now is the time to do that.
Securing a home WiFi network is not difficult. Employees should change the default password on their router, and enable network encryption. They should also ensure that their router is not physically accessible, and hide their IP address where possible.
For most employees, these steps will be enough to ensure security. For more senior employees who are executing critical business functions such as contacting customers or payment processing, a few further steps are necessary. These should include disabling DHCP functionality on home networks, and configuring corporate servers to only accept connections from static, trusted IPs. They should also implement a firewall on their home network so that only your corporate network can connect directly to their machine.
These steps should be applied across all devices that connect to home networks: not just desktop computers on which employees will be working, but any tablets or smartphones that will be connected to the same network whilst they are connecting to corporate systems.
Connectivity
Finally, it’s important to look at the security of the connections between home devices and corporate networks. How this is done will depend on how employees are connecting to corporate systems.
For some applications, employees will connect directly to corporate cloud storage or programs running directly on corporate servers. For these systems, employees working remotely should be given a VPN and taught how to use it. This will ensure that the data exchanged between their home devices and the corporate network is encrypted, and cannot be intercepted.
For many tasks, however, employees will not be connecting directly to corporate systems. For instance, if an employee is charged with updating your website, they will likely log into your CMS directly from home. For most businesses, given that 32% of websites on the internet run on WordPress, that will mean logging into WordPress from home. Ensuring the security of this connection is more difficult, but can be achieved by routing employee’s connections through a proxy server overseen by IT staff.
Challenges and Opportunities
It’s long been argued that remote work presents both opportunities and challenges for businesses: that it is either an opportunity or a potential train wreck. For businesses rushing to implement remote work solutions during a crisis, this is doubly true. If employees are forced to begin working from home, you should ensure that every system they use – from their home device to their home network to their connection to corporate servers – is protected, and this is going to take a significant investment of resources.
On the other hand, moving to a remote work environment presents opportunities for businesses as well. Setting up the security precautions above has been important in getting the most out of your team collaboration app for years before the current crisis. Equally, the current crisis has focused minds on the importance of ensuring the security of home networks when working remotely.
Get these systems in place now, in fact, and you will be well prepared for the future, in which remote working is going to play a huge part. Just ensure that you also continually monitor your systems, particularly at times of change such as when you decommission a data center, in order to keep them secure long into the future.
Sam Bocetta
Sam Bocetta is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyberwarfare, cyberdefense, and cryptography. Currently working as part-time cybersecurity coordinator at AssignYourWriter