Work From Home: Internet attackers do not shut up even during a pandemic. The field of digital threats is constantly changing and evolving. Employees working remotely are even more vulnerable to new risks. Therefore, having a perfect real-time overview of the security of the entire network is more important for companies than ever before. ESET provides tips to help protect your employees and prevent threats that could trigger an avalanche of problems throughout the company.
1. Keep track of what’s happening across the network
While before the pandemic, many companies only had to provide security software with equipment on their premises, the home office expanded its corporate network to hundreds of different households across the country, and in some cases around the world. The use of security software also needs to be adapted to the new way of working.
When work from home, it is essential for IT administrators to know what is happening on all end devices, wherever they are. The cloud management system of the IT infrastructure provides a perfect overview of activity in various locations. If a threat is detected on any device on the network, the solutions in the ESET PROTECT Cloud package can quickly intervene and mitigate the consequences. The cloud console allows you to manage all end devices easily from one place.
2. Beware of securing home Wi-Fi
Work from home means that all corporate communication passes through the home routers of employees. Attackers can try to hack into them and gain access to the entire network. Employees should therefore change the default login name and password, ie the data that came with their router. This is because hackers can easily find the original data online. It can also be helpful for attackers to know your ISP. It is therefore a good idea to change the SSID, ie the name of the home network of employees. Part of the name often automatically copies the name of the company that provided the Wi-Fi.
There are also known cases of vulnerabilities in Wi-Fi chips, which are also used in routers. To prevent hackers from easily accessing the network through these vulnerabilities, it is extremely important that the home router firmware be updated to the latest version provided by the manufacturer.
3. Use a virtual private network (VPN) to encrypt communications
It is advisable to communicate the communication of employees who need, for example, access to their company’s intranet via a VPN, which creates a secure tunnel for this purpose. When using a VPN, the small data packets that make up a communication can be hidden from prying eyes, which is also true when browsing wider Internet content. In order for everything to work as it should, it is necessary to enable decryption only at both ends, ie on the employees’ devices and in the company network.
4. Use two-factor authentication
When working from home, remote access is often used, for example via Remote Desktop Protocol (RDP) technology. However, in addition to practicality, this connection also brings risks. Cyber-attackers attack RDP either by obtaining passwords from employees through social engineering, or use brute force to gain access. It follows that the success of offenders may depend on an inadequate verification process.
It is therefore advisable to provide access to RDP with two-factor authentication. It would require employees to enter a special code in addition to the login name and password. This form of authentication usually occurs through an authentication application or via SMS. Therefore, if an attacker manages to crack the password, two-factor authentication will prevent unauthorized access. Businesses can use ESET Secure Authentication for more secure and efficient authentication of remote access technologies.