Don’t Let Remote Employees Expose Your Business

With millions of Americans working at home because of the coronavirus pandemic, the businesses that employ them are more vulnerable than ever to ransomware, phishing and other cyberattacks. It’s essential that companies take thoughtful risk management actions, consulting with management teams including IT professionals, to develop a plan specific to their needs.

There are three basic methods for remotely connecting to a company infrastructure from home. The least secure is allowing employees to use their own devices to work from home. A more secure method utilizes Remote Desktop Protocol (RDP), while a Virtual Private Network (VPN) is generally considered the most secure method of connecting remotely. Each method carries unique and shared risks.

Employees Use Their Own Devices to Work Remotely

If employees work remotely using their own devices and internet connection, the cybersecurity risks to businesses derive mainly from: any data they send to the company; direct access they make to company resources; and the elevated risks posed by increased online activity.

Employees using private email can be particularly susceptible to phishing attacks. Some employee private emails may already be infected with malware.

Train employees on how to avoid phishing scams and require the use of business rather than personal email accounts to conduct business. Encourage them to practice good cyber hygiene when using their personal devices and to report any security breaches or cyber incidents to the appropriate business contact.

When working at home, employees should: Use long and complex passphrases; set up automatic installation

of updates to operating systems and software; employ firewall and anti-virus protection; not share personal or business confidential/sensitive information online or by phone.

Remote Desktop Protocol

If employees require access to business resources, using RDP (or a VPN) provides end-to-end encryption that is more secure than transferring or accessing files from a non-encrypted connection. RDP is a Microsoft tool distributed with its operating systems that allows one device to remotely connect to another.

According to the ransomware recovery firm Coveware, misconfigured, poorly secured or unpatched RDP was the vector of attack for nearly two-thirds of ransomware attacks during the first quarter of 2019. Older versions of RDP are not updated automatically and require a security exception for upgrade alerts. Make RDP connections as secure as possible. Set firewalls to limit access to RDP ports and limit users who can log in using RDP.

Employ Multifactor

Authentication (MFA) in RDP

Multifactor authentication refers to using more than one method to verify a user’s identity. That means using a combination of something that you know — like a password, phrase or answer to a question — with something that you have — like a physical or cryptographic key — and/or something that you are — a biometric scan of your face, fingertip, or retinal scan. MFA is an important tool to help your business restrict access to systems.

Virtual Private Network

A VPN utilizes technology like RDP, but it is developed by other software vendors. VPNs also employ end-to-end encryption when connecting a remote device to another, usually to access business resources or to securely connect to the internet over Wi-Fi. VPN software should be deployed by your business so that it may be properly configured. As with RDP, ensure that MFA is enabled or employ a secure single sign in.

If your company uses a VPN, instruct employees to use it exclusively to access business resources, especially when accessing your systems via public Wi-Fi. Ensure that VPN software is configured to patch automatically and monitor alerts for vulnerabilities.

Issuing consistent communication that instructs employees to use the most secure means to get their work done will go a long way toward ensuring continued and successful business operations.