802
edits
Changes
Secure Remote Working - Device Considerations (view source)
Revision as of 08:05, 24 April 2020
, 08:05, 24 April 2020no edit summary
{| class="wikitable" style="align:center; border-top: #000000 2px solid; border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1125px"
{| class="wikitable" style="align:center; border-top: #000000 2px solid; border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1125px"
|-
|-
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Remote Working |Overview and User Considerations]]
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Remote Working - Overview|Overview and User Considerations]]
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Remote Work Technical Considerations|Technical Considerations]]
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Remote Work Technical Considerations|Technical Considerations]]
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Use of Collaboration Tools|Secure Use of Collaboration Tools]]
! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Use of Collaboration Tools|Secure Use of Collaboration Tools]]
*Avoid substituting numbers for letters or symbols. For example, "P@$$W0RD1" is not a secure password.
*Avoid substituting numbers for letters or symbols. For example, "P@$$W0RD1" is not a secure password.
*Enable Two-Factor Authentication (2FA). Choose to authenticate via an "authenticator" app which provides a one-time passcode. Most times SMS is the default second factor however this can be spoofed with a method called sim-swapping.
*Enable Two-Factor Authentication (2FA). Choose to authenticate via an "authenticator" app which provides a one-time passcode. Most times SMS is the default second factor however this can be spoofed with a method called sim-swapping.
*Avoid using "remember me" for apps and websites.
*Avoid using "remember me" features for apps and websites.
==Social Media and Messaging==
Social media services surround our device and most of the time have broad access to areas of a device that are not commonly associated with social media apps such as Facebook, Instagram, and Twitter.
In order to protect devices and personal information, consider:
*Using Social Media only on personal devices.
*Having a strong passhrase, or passcode.
*Use two-factor authentication when possible.
*Avoid posting specific work-related details such as office location, on-going work projects, images of workstations and employee duties.
*Restrict access to what the social media application can access such as disabling access to the camera, phone call log, text messages, etc... if possible.
*Be smart! Think about what is being posted. Don't post something that you wouldn't feel comfortable yelling on the street or in a public place.
==Networking Devices and Internet Appliances==
===Cloud Services===
Cloud providers offer services that allow file storage, compute power, e-mail, office tools, and remote access (to name a few), which can be accessed remotely by logging into a control panel or server.
Best practices when using these services include: encrypting sensitive data, use anti-malware and backup services provided by the cloud service provider (CSP), inquire on where the data is being physically stored.
For more best practices and information on protecting a cloud environment visit the [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Initiative page] on GCpedia.
|}
|}