- 18th March 2020
- Posted by: Angela Maria
- Category: Advisory Alerts
Majority of the companies, during the outbreak of the pandemic COVID-19, have asked their employees to work from home. With the pace at which the Coronavirus is spreading, it has become quite urgent to kick start remote working, to ensure the continuity of operations. Am I prepared for it? Is my infrastructure ready? How fast can we jump-start into working remotely? With Digital Transformation and cloud computing, we already would have most of our infrastructure hosted on the cloud.
Assuming that your employees already have their laptops and you are already using Technologies like Google, Microsoft, Zoho or any other for collaboration, here are a few guidelines, we could help you out with, to kick start remote working at the earliest by securing your corporate network. There are risks associated with remotely accessing the corporate network. Hence we need to be cautious.
Remote Access Services
The primary question is, do you have the infrastructure to start Remote Access Services? If not we would need to set it up. Remote Access services require a combination of hardware and software which enables you to connect from your residence to your office network. This can be enabled by creating a client-to-site VPN, which will enable the remote connectivity to your internal network. Having a Firewall in place will enhance your security as well. However, it should be configured to ensure optimum protection.
A firewall is going to be the first point of access into the corporate network, while remote working. A Firewall which will meet the substantial security requirements is what we need to look into and it should be in line with the scope of the company. We have seen that in some companies they have the Firewall in place, but it is not configured properly. Firewall Configuration Reviews are equally important to ensure the security of the corporate network. Making sure what connections are required, what ports are open and which services are allowed, will confirm that only the legitimate connections access the corporate network. There are multiple Firewalls that are available in the market like Sophos, Checkpoint, Fortinet and many more, which are also available with a range of features.
VPN for Remote Work
Virtual Private Network (VPN) creates a secure tunnel through which the employees connect to your Corporate Network. A VPN would encrypt the transmission channel that helps in protecting the data in transit between the remote system and the corporate network and thus protecting the business network. There are many providers which offer VPN free of charge. However, the integrity and security of the VPN provider should be assessed prior to choosing a VPN as there are challenges involved.
When employees connect to the corporate network remotely, other than using just a username and password, it would be good to have another mode of authentication – which could be something you have or something you are. We could stick to 2FA which could be either a certificate or a token. This will strengthen security and provide enhanced protection from cybercrimes.
Network Penetration Testing
Prior to starting remote work, it would be ideal to perform a Penetration Testing of your Corporate network to identify if any vulnerabilities may exist and to understand how well your network, infrastructure and critical assets are safeguarded. Any vulnerability in our network may result in severe damage to an organization. It could take an expensive toll in terms of loss of intellectual property, leaking of confidential data, business disruption and reputation of the organization. Network Penetration Testing would be highly advisable to maintain the confidentiality, integrity and availability of your critical systems, data and other assets.
Enabling remote working can be quite challenging for the IT staff, if the infrastructure is not set up. It could compromise several layers of security if not properly configured. Hence security is an important aspect while working remotely. The administration and management of these systems are equally important. If all is set up well and configured properly, there is nothing to worry. If you need help in setting up Remote working, speak to us