After covering The Rise Of Remote Working and the best practices for employees working from home, Boltonshield will now look into what organisations should be considering in terms of remote working, what they should be doing and how Boltonshield can help them stay safe while achieving their business objectives.
While it can be crucial to business continuity to be able to quickly adapt to an external environment in constant flux, organisations and companies wanting to enable their employees to work from home should not rush into it. There are a number of aspects of remote working that need to be considered, including critical issues that must be addressed at the earliest opportunity.
First and foremost is the creation and installation of a Virtual Private Network (VPN). A VPN provides end-to-end encryption so that business activities taking place on your IT infrastructure, whether on-site or between the core office and a remote location, are conducted in a safe and secure manner.
A VPN offers additional protection from external malicious entities, helps fend off unwanted access to private information and business documents, facilitates safe and finely-tuned data sharing, allows for the remote accessing of data, and avoids the loss of access any outside network can potentially inflict on a remote worker (e.g. country-specific censorship rules, a hotel’s WiFi policies, etc).
IT governance policies and procedures are not static
While an organisation may have spent a considerable amount of time and resources in shaping its IT governance and all the processes and rules that comprise it, there is an undeniably important necessity that this collection of procedures and best practices are revisited on a periodical bases so that the most up-to-date picture of both the organisation, as well as the external business environment, is incorporated into the plan.
The number of employees may have increased and thus increasing the strain on the network, team members from remote locations or other countries may have been hired, equipment may have become outdated, software licenses may need to be renewed, software choices may have to be reviewed, external data privacy frameworks may have been changed so that internal compliance has now been affected and is in need of corrective changes, new users may have joined and are in need of IT training and IT security education. The list is endless. A prudent organisation views this as a fluid, iterative process, which aims to reduce potential vulnerabilities and risks with every review.
The ‘design, implement, review, alter’ approach is not restricted to an organisation’s broader IT policies at the highest levels of abstraction. The need to constantly review and react accordingly applies to every single aspect of your IT infrastructure. So too is the case with your network and any firewalls you may have installed. Firewalls are best reviewed every six months, with the person or team responsible for the review going through an exhaustive checklist so that they ensure that rules are optimised, that the physical and operating system security are up to scratch, and that the people responsible for the management of the firewall are following the predetermined procedures.
Multi-factor authentication / Two-factor authentication
Multi-factor authentication requires the provision of more than piece of evidence when a user requests to be granted access. While the two terms, MFA and TFA, aren’t interchangeable, with the latter specifying that two pieces of evidence are needed while the former meaning anything bigger than one (although it most often implies the requirement of three identifying entries), it would be prudent for organisations to implement this. Multi-factor authentication dramatically decreases the possibility of a successful hacking attempt as the probability that the malicious entity can obtain all three requirements for entry is generally quite small.
Data Leakage Prevention
Corporate data can exist in three distinct forms. It can exist mid-use, for example when an employee or automated process is working with that dataset; it can be in motion, for example when transferred through the network; and it can be at rest, when it lies in data storage.
Data leakage prevention software is able to monitor this data in all three states, detecting any possible attempts at extracting or viewing that data and warding them off by blocking the data in question.
Endpoint security practices help prevent the exploitation of end-point devices, such as portable devices and desktops, by hackers and other malicious entities. These practices include the use of antivirus software, as well as more comprehensive protection platforms able to examine incoming files and detect advanced threats such as fileless malware and zero-day attacks.
Sometimes the most advanced cybersecurity systems can become undone through user ignorance and the resulting harm they can inflict on the organisation. Organisations should make it a habit to train all current and newly-hired employees, educating them about the potential dangers that exist and ask them to tailor their online and offline behaviour accordingly. Even advanced and experienced users should be informed on a periodical basis so as to be kept abreast of any new or emerging threats.
Upgrade and Update
It goes without saying that both equipment and software can become antiquated, ineffective, faulty or simply be out of date. Allowing this to happen opens you up to the possibility of threats, particularly in instances where malicious actors have had years to develop penetration techniques designed specifically to bypass a specific piece of protection hardware of software.
Software and devices should be updated on a regular basis so that threat databases are updated and any faults are patched. When a device or software has served its purpose and any updates are simply keeping it functional, rather than optimal, then it must be reviewed for replacement.
An IT system must be constantly surveyed so that you can detect any attempts at breaching it for the extraction of data, any potential system weaknesses, as well as any other threats that may endanger it. This is a proactive process and the ability to react and fix any issues before anything dangerous has already happened is invaluable to an organisation.
Review and restrict access
Organisations must constantly review which users have access to what kind of data and apply restrictions accordingly. For example, department-specific data should not be accessible by users who are not members of that department.
Moreover, even if a user can access a folder and the files within it, what can they do with those files? Can they edit them and save them after changing the original file? Can they copy them to their local device? Can they delete them? These are just some of the questions that need to be answered when creating your organisation’s access levels.
Cybersecurity insurance helps companies and organisations recover from a potential cyber attack. Generally, such policies help deal with the expenses of an investigation by a third party, any potential financial loss after a breach, as well as any liability that the business may be affected by. Organisations must regularly review their insurance policies so that they are up to date, extended, and as comprehensive in their coverage as necessary.
Use encryption in communication and storage
Data encryption involves the encoding of a set of data so that it can be deciphered and accessed by the person with the correct encryption key. This ensures that no external entities or anyone who should not be able to access the data can gain entry to it. Moreover, encryption should also be used in communication, not just in data storage. This means that when the data is transmitted through the network it is encrypted and thus preventing any interception or eavesdropping.
Review and test backup regularly
The importance of a healthy backup process cannot be overstated. Regularly backing up your data can provide a safety net in the event when data has been stolen, held hostage, lossed or damaged. Organisations should ensure that their backup processes are tested and reviewed on a regular basis so that any accidental deviation from the planned backup process or other potential faults are prevented or identified as quickly as possible.
Use the cloud
We have long gone past the notion that local means safer. Cloud-based computing solutions can enable an organisation to quickly adapt to changing needs, remain up to date with the latest technological updates and threats in a manner much swifter than locally-based solutions, scale up or down accordingly, as well as avoid any potential issues that may arise from local server crashes.
Test effective security
It is prudent that organisations go beyond the implementation of IT security measures and truly test their ability to defend themselves from outside threats of all sorts. Organisations can hire specialists who can conduct penetration testing, as well as comprehensive security assessments and audits. This will allow an organisation to truly understand their current setup’s security limits and quickly move to address any latent vulnerabilities.
How Boltonshield can help
Boltonshield can help you assess your current security levels through a variety of methods, including penetration testing and security audits. This can help you identify problems and potential risks in a proactive manner and address them before they can be exploited.
Boltonshield can provide your organisation with terminal servers which can be used by remote workers. A terminal server can provide a safe, secure and remote working environment, access to organisational resources from wherever they are, as well as a singular point of both entry and maintenance which can be more easily monitored and managed.
If you want to get updated about our recent publications about cybersecurity related topics, subscribe to our newsletter!