Nerd For Tech
Published in

Nerd For Tech

Remote Work: Dream or a Threat?

Tools you need for remote work, IT security threats you should be aware of when working remotely, and cybersecurity tips for remote working

Tools you need for remote work

  • the software they will use to access their workplaces remotely, such as RDP and VPN clients, etc.;
  • tools they will use to work with the documents remotely, such as cloud services;
  • and services they will use for communication, such as messaging apps, video conferencing software, task managers, and CRM.

Software for remote access

  • Windows. All you need is the Microsoft Remote Desktop which is used to open access to the computer remotely over RDP (Remote Desktop Protocol). It should be already available in your operating system. If not, install Remote Assistance from Microsoft. We explain how to set up an RDP connection securely here.
  • macOS. Apple users can use a regular Screen Sharing app, Chrome’s remote desktop connection, or third-party programs.
  • Linux. TeamViewer, AnyDesk, and similar software are perfect for working under this operating system.

Cloud services for remote work

Messaging apps for remote work

Task managers and Customer Relationship Management systems

Software for video calls, presentations, and conference calls

IT security threats you should be aware of to work remotely

Leakage of confidential information

  • An employee’s PC is infected with malware that infects a corporate server when connected to a remote desktop.
  • The team member is not prepared for social engineering, man-in-the-middle, or phishing attack.
  • An employee has lost one’s device with an open remote work connection
  • The device stopped working and required repair, there is always a slight chance that the computer repair technician will save all the data from the device or even from your corporate network if the user can access it remotely.
  • All family members use a single account on your employee’s home computer. They may not necessarily intend to harm you, but they are unlikely to be aware of your security standards.

Malware

Unauthorized access

Cybersecurity tips for remote working: where do you start?

  • Always encrypt network traffic when connecting to remote workstations;
  • Use 2-factor authentication without exceptions and excuses;
  • Establish a work from home policy, include it in a standard employee’s contract, and train your employees to avoid basic cybersecurity threats like phishing, social engineering, etc.

Remote work connection protection

Two-factor authentication when working remotely

  • Take care of the remote desktop first. Protect the RDP connection with 2FA, configure Citrix and VMWare two-factor authentication via RADIUS, etc. You’ll find the two-factor authentication solutions for Windows logon and RDP here and more info about the 2FA integration via RADIUS that will help you to protect Citrix and VMWare here.
  • Add two-factor authnetication to your VPN client, learn how to integrate Protectimus two-factor authentication to any VPN client via RADIUS here.
  • Encourage your employees to enable built-in two-factor authentication for macOS or install Protectimus Winlogon for Windows. The step-by-step guide on installing Protectimus Winlogon is available here.
  • Instruct the team to enable two-factor authentication when working with any cloud services. Read how to protect Office 365 accounts with hardware tokens here, and how to add hardware OATH token to Azure MFA here.
  • Generate one-time passwords with hardware tokens. Learn more about universal programmable OTP tokens Protectimus Flex, which will fit all your two-factor authentication needs here.

How to set up two-factor authentication for RDP

  • Access for unregistered users
  • User auto-registration
  • Token auto-registration
  • Select the Token Type your users will add
  • API URL. Use https://api.protectimus.com/.
  • API Login. This is the login you chose when registering with the service (that is, your email).
  • API Key. You’ll find your API key on the Profile page. To navigate to this page, click on your username in the upper-right corner of the interface. Then, choose “Profile” from the drop-down list.

How to choose OTP tokens for work from home

  • Classic TOTP token with a hard-coded secret key.
  • Not programmable (a secret key cannot be changed).
  • Shockproof.
  • Waterproof.
  • Battery life: 3–5 years.
  • Price per unit: 11.99 USD.
  • Warranty: 12 months.
  • Protectimus Winlogon & RDP
  • Azure MFA (P1 or P2 license)
  • Protectimus Winlogon & RDP
  • GSuite
  • Office 365
  • Azure MFA
  • Programmable OTP token with credit card form factor.
  • You can use it with almost any service that supports 2FA apps; a secret key can be added into the OTP token over NFC (requires an Android smartphone).
  • Time synchronization feature.
  • Waterproof.
  • Battery life: 3–5 years.
  • Price per unit: 29.99 USD.
  • Warranty: 12 months.
  • Protectimus Winlogon & RDP
  • GSuite
  • Office 365
  • Azure MFA
  • Programmable OTP token with a key fob form factor.
  • You can use it with almost any service that supports 2FA apps; a secret key can be added into the OTP token over NFC (requires an Android smartphone).
  • Time synchronization feature.
  • Waterproof.
  • Battery life: 3–5 years.
  • Price per unit: 19.99 USD.
  • Warranty: 12 months.
  • Protectimus Winlogon & RDP
  • GSuite
  • Office 365
  • Azure MFA

Remote work security policies

  • If possible, set up a home office that no one else has access to;
  • Maintain a clean desk policy, do not leave any paperwork or paperwork with working notes;
  • Always lock screens or turn off devices when not in use;
  • Set strong passwords and use two-factor authentication;
  • Keep work and personal gadgets separate;
  • Connect via VPN to encrypt your internet connection;
  • Remember your privacy;
  • Use only reliable Wi-Fi networks.

Conclusions

Read more

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Protectimus

Two-factor authentication solutions for business. Secure your organization’s and user’s data with MFA: https://www.protectimus.com/