Working safely from home

17. March, 2020

Home office is experiencing a boom with the Covid-19 health crisis and the #flattenthecurve efforts: Those who can, stay at home. Many companies that do not contribute to the essential daily care are standing empty for the time being. Instead of sitting in the office, employees are now increasingly sitting at home in front of their computers.

Depending on availability and the short-term possibility of providing sufficient technical infrastructure, home office can be operated with both private and company equipment.

Update and secure computers

Private computers carry the greatest security risks and should be used only in an emergency. If possible, company-owned hardware is always preferable – especially, but not only, for reasons of IT security.

Unsecured, outdated systems provide attackers with access to the company network virtually on a silver platter. The first step is therefore to check the computer for system and program updates and run a complete virus scan. You should also make sure that you do not work with an admin account, but log in as a user with limited access rights.

Windows 7 devices, which are no longer supported by Microsoft since the middle of January, should receive an upgrade to Windows 10 if possible. Computers that are only used for low-capacity activities can give free operating systems such as Linux Mint or Zorin OS a secure second life. These systems are designed for simplicity and speed and offer good graphical user interfaces that Windows users usually get along well with. However, under Linux the VPN service can cause difficulties – so be sure to clarify this in advance!

Establish secure connections

A VPN connection also allows secure access to the company network from outside. However, it should only be installed on clean devices that have already been updated. A compromised end device also gives attackers access to the VPN connection, so endpoint protection remains the most important basic requirement.

It is also worth allowing employees to access emails via Outlook WebAccess. This relieves the load on servers and lines if emails only need to be checked briefly or contact details need to be researched. VPN connections are best configured so that they are automatically disconnected after a certain period of inactivity!

As an alternative to VPN connections, Microsoft offers DirectAccess for corporate environments. DirectAccess automatically establishes an encrypted connection if the client is not located in the company network. Requirements are Windows Server 2008 R2 and 2012 and on the client side Windows 7 or higher. Starting with Windows Server 2016 and Windows 10 the successor Always On VPN is available.

Security precautions at network level

Additional security is provided at the gateway level by a suitably configured firewall: only the necessary areas can be unlocked by user or user group to prevent access to the entire network in the worst case.

For uncertainties and problems, a remote program such as AnyDesk or TeamViewer is a good choice. We also recommend SysAdmins to promote (and have) understanding and open ears: The faster you learn in case you have doubts, e.g. if a dangerous link is clicked or data is entered on an external site, the better.

Virtual meetings apart from problem solving can be held not only via telephone or Skype or Lync. Jitsi Meet, for example, is an open source project that enables encrypted video conferences – free of charge and without registration. Due to the increased demand, it may make sense to set up an instance on your own server.

Inform and raise awareness

Those who work on the move must take care not only to take technical security precautions but also to prevent physical access to end devices with company data and network access. Certain basic rules must also be observed within your own four walls – from locking the screen when leaving the workplace to promptly installing updates. With the home office you take a piece of the office network with you to your home and should take the same precautions there as in the office. IT security is increasingly challenged and in demand, especially in crisis situations. It stands and falls with the weakest link – us users.

Special precaution is required when entering internal user data. Teleworkers need to know exactly the pages and links where you register for various company services. Watch out for possible phishing attempts; only saved links to the services should be used and under no circumstances should search results be used. Spam and malware campaigns and malware apps are also punctual: External emails and applications on the subject of corona – may be a manipulated virus card, an alleged virus tracking app or harmful links – try to trick users into entering data, installing malware or visiting contaminated websites.

Please stick to well-known, reputable sources of information and do not be tempted to react rashly. In case of doubt, better ask twice in the IT department and put mistrust above curiosity!

Internal cooperation also outside the office

IT employees are particularly challenged in times like these. Much of their work is invisible as long as it runs smoothly and quickly – the admins are usually one step ahead of us. So we are able to suddenly work from home, laptops have already been prepared, VPNs have been set up, bandwidth updates requested, lines increased and user questions answered… In the coming weeks, many things will continue to run differently than usual and there will be even more to do, especially in IT security. Kindness and mutual understanding will strengthen the team spirit and cooperation enormously.

Links:

Security tips to protect your data and devices

Underestimated threat: Mobile malware

Red Teams, Blue Teams, Purple Teaming

Living Off the Land attacks

MSSP of the Year 2024

SIEM

What is a SIEM?

Nozomi Guardian Air
HarfangLab Guard
MITRE ATT&CK Framework
v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)
EDR
Cyber Kill Chain
Business Email Compromise
Prognosen für die zehn größten Cybersecurity-Bedrohungen für 2030
E-Mail Verschlüsselung
Schritt für Schritt zum Notfallplan für IT-Security-Incidents
Account Management
Bedrohung

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download