fbpx

Stay Home #COVID19

Achieve stable productivity in the time of Coronavirus with this useful checklist.

The reality of the COVID-19 outbreak has now set in — we’re all likely going to be working from home for a while. It’s even possible that after several months of working from home, we never return to the exact same office-based work arrangements ever again.

Now that the initial shock has abated, and the new normal is setting in, it’s a good time for businesses to dig in for the long-haul. This means making sure that their remote work systems are providing the stable, secure foundation for productivity that they need to adapt to this new situation.

Here are some important steps you can take to ensure the stability of your work from home solution.

How to Secure Your Remote Desktop Protocol Software

Many businesses use Remote Desktop Protocol (RDP) solutions to give employees access to company resources while they’re working from home. While RDP can be a huge convenience, if it’s not properly secure, it can also open a business up to some serious security challenges.

Tip 1 – Make Sure Your RDP Software is Updated
Older versions of Microsoft’s RDP client are susceptible to man in the middle attacks. Last year, there were about one million systems that hadn’t been updated to account for serious RDP vulnerabilities in the software. There are undoubtedly still systems out there that are vulnerable, so first make sure that you’re running the latest version.

Tip 2 – Enforce Least Privilege and Restrict User Access
Administrator accounts allow hackers to steal the most data from your network, or do the most damage. By removing those accounts from your RDP solution, while limiting the access of other user roles, you effectively limit the effect that a hacker can have on your network. You may also want to restrict which IP addresses can access your RDP system, a process called “scoping.”

Tip 3 – Have You Updated Your Company’s Anti-Virus Solutions?
There are types of ransomware that have been specifically designed to exploit the vulnerabilities of the remote desktop system, such as the Ryuk malware family that crippled the New York Times, the Washington Post, and other major newspapers in 2019[i]. In the last few months, malware strains like AZORult++ have also been modified to exploit RDP connections.[ii]

Any device connecting to company resources remotely should be equipped with the latest, commercial-grade anti-virus software. This can help protect against these known threats, while helping to stop the new wave of coronavirus-specific malware from derailing your work from home efforts.

Tips for Ensuring VPN Security

Companies should require that employees use a VPN in front of their RDP platform. But VPNs present their own set of security challenges. Just a few weeks ago, Microsoft released its first ever targeted warning to alert healthcare clients of vulnerable VPN appliances, demonstrating just how critical good VPN security can be to a network.

Just like RDP solutions, you should ensure that your firewalls are all configured for success.

Tip 4 – Test Your Firewalls
Hardware firewalls are an important barrier between the Internet and your company network, but many businesses don’t realize that firewalls need regular testing to stay effective. Testing helps detect application-based vulnerabilities and security backdoors that would not be obvious to an end user, but are easily exploited by skilled hackers.

Tip 5 – Dust Off Your VPN Performance Metrics
Have you been testing the efficiency of your firewall? When was the last time you looked at log files for anomalies? Log file data can provide you with valuable insight into throughput, latency, and other key metrics, all of which have an impact on your staff’s experience. Also, if you’re still using consumer grade VPN appliances or software anywhere in your enterprise, upgrade them now.

Tip 6 – Validate All VPN-Connected Devices
Allowing staff to use the company VPN from non-work devices opens you up to data loss, like employees copying work information to a personal device. It also makes your network more vulnerable to malware infection.

While the risk-benefit analysis will be different for each company, those in regulated industries will want to ensure that no personal devices are connecting to the corporate VPN to avoid a wide range of fines and other punishments.

Tip 7 – Enabled Two-Factor Authentication for all Remote Network Access
We’re passionate about 2FA; a topic that we’ve written about before. Weak passwords are a chronic, pressing security vulnerability on virtually all IT systems. If you haven’t deployed 2FA on your RDP, VPN, or cloud applications — now is the perfect time to do so.

Bonus Tip: Aim to Optimize Telecommunications and Network Stability

The last section here may not be a tip, so much as it is a general call to action to holistically improve the stability of your technology systems. Any IT inefficiency or hiccup that was once a minor annoyance will quickly become a major threat to productivity as your staff’s reliance on technology increases.

While now may not be the time for a complete upgrade of your company servers, it’s important to make timely, strategic upgrades to the systems that are enabling your work from home arrangement, such as network switches, routers, and firewalls, storage systems, and others.

Another important way to increase reliability is to invest in commercial-grade telecommunications, a topic which we’ve written a blog post about. In this new work from home climate, your business cannot afford to tolerate hours or days of lost network access, which enterprise grade Internet connectivity can help you avoid.

 

The Complete Network Team Offers Comprehensive Managed IT Solutions

For over 20 years, the Complete Network team has been providing businesses in both Albany, New York and Charlotte, North Carolina with dependable managed IT solutions that provide technology reliability, security, and confidence.

If you’re a business who wants to make the most of your IT investment, maximize productivity, and minimize uncertainty and doubt, we’d love to help! Contact our friendly team any time to ask us a question or find out how we can help. Call us at 877 877 1840 or email us at [email protected].

[i] https://www.nytimes.com/2018/12/30/business/media/los-angeles-times-cyberattack.html

[ii] https://www.securityweek.com/azorult-variant-can-establish-rdp-connections