[BreachExchange] Top 5 IT tips for remote and mobile teams

Destry Winant destry at riskbasedsecurity.com
Tue Sep 11 21:59:20 EDT 2018


http://www.computerworld.in/blog/top-5-it-tips-remote-and-mobile-teams

Cybersecurity threats are lurking everywhere.

In 2015, a vulnerability was detected in WiFi routers in hotel
allowing attackers to distribute malware and monitor and record data
sent over the network. A laptop is stolen every 53 seconds in the
United States. USB keyloggers can be found in systems stored in a PC.

Honestly put, it’s a scary world. And this threat is further
accentuated by the fact that this is a millennium of remote work.
Almost all organizations nowadays have had to accept employees who
work remotely. Whether these are employees who are deputed on the
field, employees who work a couple of days from home or employees who
log in from home every day, remote and mobile teams are a daily
reality and they bring their own challenges for the relevant IT teams.

Here are the top 5 IT tips for remote and mobile teams to ensure they
stay secure:

1. Password Security

This tip continues to be ever-present in every cybersecurity dialogue
but the reason is because of its important. Especially when it comes
to remote teams working outside the enterprise network, a strong
password is the best defense against any threat. Remote teams must
ensure they keep strong, difficult to crack passwords with ideally
different characters and two-step authentication. They must also not
share these passwords with anyone else, not write them down anywhere
and change them frequently.

2. Keep devices updated

In a normal office setup, the IT security team will put in policies to
ensure that their systems are updated with the latest patches and
updates to the browser, operating system, etc. However, for teams
which are working remotely and maybe on their own devices, this is
also a non-negotiable item. If any official work is done on a device,
whether it is private or personal, the company policy must be that it
is updated with the latest patches. Devices which have not been
updated are a recipe for disaster and can be easily exploited by
cybercriminals to steal official data.

3. Using public systems and WiFi

Sometimes, remote employees will work out of cafes or restaurants.
Employees may even use the airport WiFi when they are transiting on
official work. While this can be convenient, it can be extremely
dangerous. Public WiFis may often not have the correct security
compliances making them very vulnerable to be hacked. Criminals can
record and steal data from them.

The same advice should be followed for public systems as well. They
may have the most rudimentary of security systems, not even having an
anti-virus solution, and should never be used for doing official work.
In fact, they also pose a physical risk with people around easily
capable of seeing and even photographing important information.

4. Encryption

It’s always a good idea for employees who are working remotely to
encrypt all information sent to the main enterprise network. This adds
an additional layer of protection and ensures that even if hackers
manage to access the data through a vulnerability or a black hole,
they are unable to use it without the decryption key. Seqrite
Encryption Manager protects corporate data residing on endpoints with
strong encryption algorithms.

5. Manage & Enforce a Remote Cybersecurity Policy

If an enterprise has a number of teams who are working remotely, they
cannot afford to be reactive. A proper cybesecurity policy for these
teams, which cover exact dos-and-don’ts along with important
instructions must be devised and communicated to all in the company.
Even more importantly, it must be strictly enforced so that all
employees are aware of what they are expected.

As the world grows more even more connected, the proliferation of
remote workers will only increase, leading to more headaches. But
enterprises which can keep the basics in mind and ensure that everyone
is on the same page will go a long way in remaining safe from cyber
attacks.


More information about the BreachExchange mailing list