March 2020 was a blur to many.
That had nothing to do with a famous Mexican beer but the fact that we all started the journey of learning to work from home full time.
Webinars, zoom meetings, video calls we all learnt a thing a two about being more productive when working from home. This included great advice like "dressing for work" instead of sitting in your pyjamas all day (something I do only after too much Mexican beer).
What about IT security?
All the tech people were in a mad rush to get everyone set up with their hardware, VPN's and monitors - we had very little time to communicate security measure you should be aware of when working from home on company hardware.
Let's cover some of the top security threats that criminals are actively targeting people just like you.
1) Web filtering
Many see web filtering as a form of control over their staff, and it's not usually a popular solution to implement. Quite often, web filtering is more of a hindrance.
However, there's an excellent reason why you may want to think about filtering the web on all company hardware.
This comes down to the fact that in most common office environments, there's an enterprise-level firewall solution in place. These firewalls usually have an inbuilt level of web filtering that helps keep the workforce safe.
However, when working from home you are relying on your staff's home-based broadband connection, and there's no corporate firewall in place.
That's where web filtering comes in. The software can be installed on all devices, and no matter what internet connection is used, there will be a level of protection that complements what you'd come to expect from a corporate firewall.
If a staff member accidentally visits a malicious website, there's going to be a limited risk of company hardware (and more importantly company data) becoming compromised.
2) Home Broadband Denial of Service attacks.
What would happen if hackers changed tack? What if they started attacking home broadband connections? What protection do you have in place to cover your systems?
Known as DDoS, the truth here is that a targeted DDoS attack on a specific user is going to be rare. There are too many variables in place, including the fact that the attacker would have to figure out the home IP address. These tend to change on a regular basis and are known as Dynamic IP addresses.
However, we recommend using a mobile device as a wifi hotspot if there is ever a loss of internet service on your home broadband connection.
When was the last time you tested your hotspot capability and did your staff have ample data allowance if they ever need to use the hotspot capability?
This is worth checking.
3) Windows Updates & Patching
Making sure all your devices are up to date with the latest Windows updates is one of the best layers of protection you can have across the workforce.
However, it can be challenging to implement management of patching when all users are remote.
When was the last time you were given a report of all machines that are active in your company and the last time they were patched?
Most IT service providers will tell you about their remote monitoring and management solution which is supposed to cover this but are you getting a regular report or at least know the service provider is checking this?
Since moving to a work from home environment, it's worth checking just how up to date machines are across the user base.
If you would like help with this, then don't hesitate to get in touch.