Earlier this year, when organizations across the globe were forced to suddenly pivot to remote work, many experienced a rough transition. Though many organizations have mostly adapted to this new normal, quite a few continue to struggle from a technology standpoint and may be inadvertently compromising their security posture. The Bird Rock team is here to help you safeguard your digital assets and support your remote work teams so you can focus on what you do best.
Easing the Transition & Remaining Productive from an IT Standpoint
Setting your remote teams up for success depends on IT infrastructure designed for remote work. Technologies like virtual desktop and cloud storage providers allow your employees to access the applications they require from anywhere in the world using a UX design they are already familiar with. This gives employees the tools they need to work remotely without the added stress of learning an entirely new system.
Relying on cloud-based applications can also help organizations reduce costs by safely and easily switching to a BYOD (bring your own device) model. Pairing a cloud-based IT approach with a BYOD model allows organizations to avoid purchasing work computers and other endpoints for employees as well as centralize application and data storage backups on the cloud.
Keeping Your Remote Teams Secure & Compliant
Shifting to remote work brings with it an array of cyber dangers. Many organizations handle sensitive data and need to ensure that data is safeguarded both when it is being stored and when it is being shared. Remote work can complicate this process since some workers will require access to this data while working from home.
Though we have already discussed how organizations can leverage SASE (Secure Access Service Edge) to protect both on-site and remote employees1, there are a few other steps you can take to improve security and ensure compliance.
Remote work has also changed how workers interact with one another, and phishing emails are on the rise as malicious actors seek to steal credentials. Implementing multi-factor authentication can help prevent successful phishing attacks, and you can also improve your organization’s overall security posture by investing in VPN solutions and keeping those solutions updated with the latest security updates and patches.
As employees continue to settle into remote work, you should consider offering refresher security training to all workers. Not only will this help ensure that security stays top of mind, but it offers a chance to tailor your training to suit the reality of remote work. It also allows employees to ask questions and get the information they need to stay secure and compliant.
One thing employees can do is check their home network security. Make a list of all the devices currently on your network (Alexa, Google Home, gaming consoles, your smart thermostat, etc.) and make sure that none of these devices pose a security risk.
You may also want to consider providing your employees with more secure routers. All-in-one router solutions, like those used in most residential settings, pose a variety of risk, including:
- Relying on default passwords
- Don’t automatically install security updates and patches, leaving them vulnerable
- Have limited configurability
- Can have their DNS server addresses changed, allowing the router to be used for DNS hacking attempts
- Can be easily infected with malware and hijacked as part of botnet attacks
Though employees can take steps to secure their routers, such as:
- Ensuring their firmware is up to date
- Configuring their device to restrict access privileges as much as possible
- Choosing a strong admin password
- Disabling all internet-facing services
- Disabling Universal Plug and play (UPnP)
- Segmenting their networks to separate work access from general home access
Organizations should consider investing in enterprise Wi-Fi for remote access or taking other security steps such as:
- Configuring VPNs to use Split Tunnel Mode. This provides one route for local, personal traffic and one, more secure route for the corporate traffic associated with remote work.
- Using a Cloud Access Security Broker (CASB), which extends your organization’s on-prem security requirements to the cloud. This allows you to monitor network behavior for suspicious activities and manage risk across all your cloud services and providers, as well as set and enforce corporate policy.
- Investing in email security and endpoint protection. While almost all email providers leverage some built-in security options, if your current solution isn’t secure enough to meet your needs, you might want to consider a dedicated email security solution. This allows you to distribute your enterprise-class endpoint protection to remote worker’s devices.
The Bird Rock Team is Here to Help
Though many organizations are adapting quickly to remote work, we as a community can take steps to ease the transition for everyone. We have a lot of experience helping organizations with their remote work transition, and our friendly and experienced team would love to share what we have learned with you.
We typically begin by conducting a work-from-home readiness assessment and a security assessment. Once we know our starting point, we can:
- Provide you with IT and security roadmaps
- Help you round out your team
- Offer insights into what work from home initiatives our trusted partners provide
Why We’ve Partnered with Aruba
One of Bird Rock System’s trusted partners is Aruba. We know that our clients depend on us to provide them with sound advice, high-quality products, and excellent customer service. Aruba is known for their high-quality products and services, which is why we are confident recommending their products to our customers.