Line 28: |
Line 28: |
| Secure Issues Include: | | Secure Issues Include: |
| *Lack of physical security - devices can be stolen, drives can be copied, or shoulder surfing. | | *Lack of physical security - devices can be stolen, drives can be copied, or shoulder surfing. |
− | *Unsecured Networks - connecting on networks that are unsecured such as cafe wifi networks, hotel wifi and other open public networks are easy targets for man-in-the-middle attacks and eavesdropping. | + | *Unsecured Networks - connecting on networks that are unsecured such as cafe and hotel wifi networks and other open public networks are easy targets for exploitation. |
| *Providing Internal Access Externally - servers will be facing the internet therefore increasing the potential risk and vulnerability of being compromised. | | *Providing Internal Access Externally - servers will be facing the internet therefore increasing the potential risk and vulnerability of being compromised. |
| | | |
Line 38: |
Line 38: |
| *Ensure remote servers, user endpoints such as smartphones, tablets, laptops and desktops are regularly patched. | | *Ensure remote servers, user endpoints such as smartphones, tablets, laptops and desktops are regularly patched. |
| *Secure all remote devices by using anti-malware software and implementing strong firewall rules. | | *Secure all remote devices by using anti-malware software and implementing strong firewall rules. |
− | *Use validated encryption to protect data in transit and at rest. | + | *Use validated encryption to protect data. |
| *Encrypt device storage such as hard drives, SD Cards, USB Keys, etc... | | *Encrypt device storage such as hard drives, SD Cards, USB Keys, etc... |
| *Devise policies that detail how a teleworker will access applications remotely as well as what applications and parts of the network they have access to. | | *Devise policies that detail how a teleworker will access applications remotely as well as what applications and parts of the network they have access to. |
| *Disable or limit the ability to install applications on devices such as laptops and smartphones. | | *Disable or limit the ability to install applications on devices such as laptops and smartphones. |
| + | |
| + | ==Privacy== |
| + | Employee's are encouraged to use approved software such as Zoom, Google Hangouts, and Slack to collaborate and communicate unclassified information. However there are some privacy issues that need to be recognized before using these applications. |
| + | ===Slack=== |
| + | |
| | | |
| == References == | | == References == |