Difference between revisions of "Secure Remote Work Technical Considerations"
Line 78: | Line 78: | ||
Canadian Shield is offered on workstations, laptops, tablets and smartphones that are running iOS or Android. | Canadian Shield is offered on workstations, laptops, tablets and smartphones that are running iOS or Android. | ||
− | ==Criteria to | + | ==Criteria to Consider when Choosing a Collaborative Application== |
When choosing or deciding which public applications to use for your work, consider the following excerpt from the Nation Security Agency's [https://media.defense.gov/2020/Apr/24/2002288652/-1/-1/0/CSI-SELECTING-AND-USING-COLLABORATION-SERVICES-SECURELY-LONG-FINAL.PDF publication]: | When choosing or deciding which public applications to use for your work, consider the following excerpt from the Nation Security Agency's [https://media.defense.gov/2020/Apr/24/2002288652/-1/-1/0/CSI-SELECTING-AND-USING-COLLABORATION-SERVICES-SECURELY-LONG-FINAL.PDF publication]: | ||
Line 91: | Line 91: | ||
*Has the collaboration service’s source code been shared publicly (e.g. open source)? | *Has the collaboration service’s source code been shared publicly (e.g. open source)? | ||
*Is the service developed and/or hosted under the jurisdiction of a government with laws that could jeopardize government standards and policy? | *Is the service developed and/or hosted under the jurisdiction of a government with laws that could jeopardize government standards and policy? | ||
+ | |||
== References == | == References == | ||
*[https://csrc.nist.gov/CSRC/media/Publications/Shared/documents/itl-bulletin/itlbul2020-03.pdf Secure Teleworking Bulletin - NIST Publication] | *[https://csrc.nist.gov/CSRC/media/Publications/Shared/documents/itl-bulletin/itlbul2020-03.pdf Secure Teleworking Bulletin - NIST Publication] |
Revision as of 11:51, 4 May 2020
Overview and User Considerations | Technical Considerations | Secure Use of Collaboration Tools | Device Considerations |
---|
What is Remote Working?As cloud technology, collaborative applications and internet connectivity increase, remote working is becoming more prevalent than ever before. Remote work is often done through the following ways:
Threats and Challenges posed by Remote WorkingBy connecting via the internet to potentially classified or sensitive applications or data, there are threats to the safety and security of that information. Security issues may include:
Recommended Security MeasuresAs the employee will be connected via the internet to potentially classified data and applications it is important that measures are taken to reduce the risk of a security breach. Some helpful considerations to implement include:
Home Network HardeningOut of the box, most routers have generic passwords, are out of date, and often contain exploits that can easily be used to intercept, manipulate and store network traffic. However, there are a number of actions that you can take to mitigate these security issues at home. The following were taken from a CyberScoop report that details measures to protect home networks.
For more information, check out this CyberScoop report. Canadian ShieldThe Canadian Internet Registration Authority (CIRA) have recently launched a free protected DNS service that prevents users from connecting to malicious websites and hosts. Over 80% of cyber attacks leverage DNS servers. If attackers are able to connect your device to their compromised DNS, they can begin dropping and installing malware. DNS servers translate human readable addresses into machine readable addresses. For example, if the "wiki.gccollab.ca" address is typed in on a web browser in a human language, the DNS server will match the address to another machine readable address as a set of numbers like "52.139.83.135". Canadian Shield uses data and threat intelligence to determine which DNS address request is being sent and if it is likely to be malicious. Once Canadian Shield determines that it is in fact malicious, it blocks the your request preventing your device from being infected. Canadian Shield is offered on workstations, laptops, tablets and smartphones that are running iOS or Android. Criteria to Consider when Choosing a Collaborative ApplicationWhen choosing or deciding which public applications to use for your work, consider the following excerpt from the Nation Security Agency's publication:
References
|