Remote Working Advice – in response to COVID-19

March 18, 2020 • Blog
Share this article

Remote Working – Summary

  • Home network security – ensuring that remote workers have done everything they can do to make their home networks secure;
  • Phishing and scam awareness – making sure there is a heightened-level of awareness around potential scams relating to COVID-19 as the “hook”;
  • Securing Personal Devices – where remote workers use their own equipment, ensuring those devices are current and up to date (the same as company owned devices);
  • Multi-Factor Authentication – ensuring the organisations understand the risk if they continue not to enforce MFA for external access of any kind;
  • Physical security – with unpredictable patterns of human traffic and unattended workplaces, opportunists will be on the prowl for easy pickings;
  • Patch management – the ability to keep all the organisation’s assets up to date and apply patches needs to continue throughout the pandemic;
  • Network security (including Cloud) – ensuring that organisations have taken appropriate steps to allow secure remote access with minimal risk;
  • Monitoring and auditing – that monitoring and auditing activities occurring across the IT environment continue throughout the pandemic.

This document incorporates some advice from the ACSC.

Remote Working – General Table of Risk Items

In response to the COVID-19 pandemic, there are a number of things that organisations should be addressing to ensure risks associated with remote working are minimised. The risk exposure will vary between organisations depending on their existing reliance on remote working, and whether or not they have had to implement solutions in order to adapt quickly.

Home network security

The environment belonging to the remote worker, such as their Internet connection, Router/gateway, Network connectivity including Home WiFi

It is important for remote workers to ensure their home networks are adequately configured, including things such as:

Reccomendation:

  • Wireless networks using strong encryption (WPA2 or better); and
  • Home gateways/routers not using default username/password; and
  • Other devices on the home network are up to date and well managed.

Why is this important?

To reduce the risk of being redirected to fake/rogue Internet services, or from exposing the remote worker’s corporate activity to other unmanaged network components.

Some of this risk can be mitigated by the use of an enterprise grade Virtual Private Network (VPN) solution.

Phishing and/or Scams

nteracting with or being exposed to scams or phishing messages (via any means, such as phone, email, or TXT)

Recommendation:

There is already emerging evidence to suggest increased threat activity around using COVID-19 and pandemic story lines as “pre-text” to social engineering attacks, and the following things can address this:

Ensuring that all remote workers know about the need for heightened awareness when it comes to reported scam activity. For example, this recent advisory from Stay Smart Online;

  • Repeat communication about the recommended company triage process for reporting of hoax, phishing or spoof messages and scams;
  • Communicate to remote workers, that if they wish to research or learn more about COVID-19 only use official sources, such as:
    • World Health Organisation – who.int
    • Australian Gov Health – health.gov.au
  • Discourage sharing of sensationalist information regarding COVID-19 from non-official sources, and reinforce existing social media policy awareness

Why is this important?

Ensuring that increase risk surrounding the pandemic of COVID-19 is matched by countermeasures to react to activity from threat actors.

Securing Personal Devices

Any computing or mobile devices being used by a remote worker that are not owned by the organisation.

Recommendation:

Ensure that all personally owned devices are up to date and using supported operating systems and software (i.e. Not using Windows 7 as it is no longer officially supported by Microsoft)

If possible, consider allowing remote workers access to endpoint protection (anti-malware) licenses to encourage installation of security software onto personal devices.

Manage compliance of expectations accordingly, through either a home working acceptable policy or similar.

Why is this important?

Allowing remote workers to access the organisation’s information resources from their own devices will increase the risk if those devices do not meet minimum security requirements

Multi-Factor Authentication

Any part of external access control mechanisms that require an additional factor of authentication, such as TXT message, Mobile authenticator app, Google Authenticator, or hardware security key or device.

Recommendation:

All remote workers, when authenticating to externally accessible systems belonging to the organisation should enforce Multi-Factor Authentication (MFA)

Why is this important?

The prevalence of successful phishing attacks, and data breaches where users continue to re-use passwords, means there is still significant risk of the theft of passwords. These stolen credentials, if not challenged by an additional factor of authentication, can be used to gain unauthorised access to systems.

Deploying and enforcing MFA significantly reduces the risk of unauthorised external access.

Physical Security

Any physical locations, including Home, Offices, Branch locations, Warehouses, etc. that are of importance or connected to the operations of the organisation.

Recommendation:

Ensure that there is clear communication in workplaces about who is the last the leave, to ensure correct lockup procedures are followed.

Do not leave equipment or other assets within easy reach; keep them locked away or take valuables home, as you would over a holiday season period.

Ensure that remote workers understand the expectations around access to company information, including other members of the home from which the remote worker is working from.

Why is this important?

With the dramatic shift of normal human traffic patterns and behaviour during the COVID-19 pandemic, this will likely open the risk of opportunistic criminals who will take advantage of empty workplaces.

Additionally, with remote workers bringing company sensitive information home, there is also the risk of access to that from others in that environment.

Secure boundaries start with open communication.

So, let’s talk. Whatever you need, whatever cybersecurity risks you’re facing, we have the proven expertise to help.

Contact us for a non-obligation quote now.

Contact us

Speak with a Tesserent
Security Specialist

Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.

Let's Talk
Tess head 5 min

Related Insights

Blog
Key Updates in the November 2023 Australian Signals Directorate's Essential Eight Maturity Model
Key Updates in the November 2023 Australian Signals Directorate's Essential Eight Maturity Model
Blog
Critical Infrastructure and Cyber Physical Systems: Importance of Being Prepared
Critical Infrastructure and Cyber Physical Systems: Importance of Being Prepared
Blog
Addressing challenges associated with cloud adoption
Addressing challenges associated with cloud adoption
Blog
The Evolution of Cybersecurity: NIST Releases Draft of Cybersecurity Framework 2.0
The Evolution of Cybersecurity: NIST Releases Draft of Cybersecurity Framework 2.0