How to secure remote working devices from cybersecurity threats

Whether working from the confines of the office or at home, every year cybersecurity becomes a greater concern for IT departments. Under the cloud of COVID-19, the number of remote workers has risen dramatically. Unfortunately, many were not prepared or ready for such a transition to home, leaving networks, devices and data vulnerable.

Not all is lost, though. Since stay-at-home orders began being issued worldwide, a number of organizations have published best practices for remote working. From VPNs to cloud services to software updates, there are a number of steps that can be taken to prevent network intrusions.

Do not expose systems directly to the internet

If it can be helped, do not expose applications or systems directly to the internet unless necessary, advised Kevin Donegan, VP of Strategy and Cyber at Convergint Technologies.

If it is necessary, ensure they are using HTTPS/TLS or other standards to secure the sessions, confirm that the underlying systems are patched, ensure users have unique credentials, and require the use of multi-factor authentication.

“Use physical or logical segregation to isolate systems exposed to the internet to limit vulnerability, and deploy a managed detection and response (MDR) capability to mitigate risks automatically when an attack does occur,” he said.

Utilizing a virtual private network (VPN) to access Wi-Fi networks and to encrypt all communications that traverse the open internet is another way to secure data.

Reset passwords

Companies should audit employee passwords, resetting passcodes used to access enterprise services. New passwords should fall within strict security policies — alphanumeric codes and multi-factor authentication are recommended.

It is also important to reset home router passwords. Home Wi-Fi routers often become victim to hacking simply because default passwords are not changed. Remote work makes this a simple, yet crucial step, to securing data and the network from cyberattack.

Disable unnecessary services and applications Now is a time where only necessary services and applications need to be accessed. Donegan recommends disabling all services and applications that are not absolutely required on devices being sent home with the workforce.

“Enable or install an endpoint-based security application to monitor and protect the devices. Continue to update software and patch the operating system while the devices are in use,” he advised.

Keep devices and software updated

The number of new viruses and malware created and discovered only continues to increase. Exploiting times of crisis are especially common for cybercriminals, which is why keeping devices, software, operating systems, applications, etc., up-to-date is important.

Hackers bank on the laziness of people to fail to update their software. This leaves easy openings for breaches. Regularly updating software helps patch vulnerabilities.

Be prepared for lost devices

When employees are working in the office IT departments worry less about stolen and lost devices. But now that security net is gone as devices adventure outside. This means that companies must have a plan for what happens when and if devices go missing.

The UK-based National Cyber Security Centre pointed out that remote workers should know what to do in the event their device is lost or stolen. Employees should be encouraged to report such events as soon as possible in order to minimize the risk to data.

Keep your eyes open

The measures above are only basic steps to protect networks and devices. Remaining vigilant and sticking to corporate services for work tasks can further ease cybersecurity concerns.