Difference between revisions of "Secure Remote Work Technical Considerations"
Line 28: | Line 28: | ||
*Unsecured Networks - connecting to networks that are unsecured such as cafe, hotel and other open public networks are easy targets for exploitation. | *Unsecured Networks - connecting to networks that are unsecured such as cafe, hotel and other open public networks are easy targets for exploitation. | ||
*Providing Internal Access Externally - servers will be exposed to the internet therefore increasing the potential risk and vulnerability of being compromised. | *Providing Internal Access Externally - servers will be exposed to the internet therefore increasing the potential risk and vulnerability of being compromised. | ||
− | *Out of Date Software - When using personal devices system updates and patches cannot be guaranteed. | + | *Out of Date Software - When using personal devices system updates and patches cannot be guaranteed. These software vulnerabilities can give attackers a window of of opportunity to compromise information and employee data. |
*Conference Hijacking - An unauthorized person joins a conference because it is public or by obtaining the link. | *Conference Hijacking - An unauthorized person joins a conference because it is public or by obtaining the link. | ||
*Targeted by APT actors - Advanced persistent threat (APT) actors can target open communications to exploit employee data and enterprise information. | *Targeted by APT actors - Advanced persistent threat (APT) actors can target open communications to exploit employee data and enterprise information. |
Revision as of 11:30, 3 April 2020
Overview and User Considerations | Technical Considerations | Secure Use of Collaboration Tools |
---|
What is Teleworking?As cloud technology, collaborative applications and internet connectivity increase, teleworking is becoming more prevalent than ever before. Teleworking is often done through the following ways:
Threats and Challenges posed by TeleworkingBy connecting via the internet to potentially classified or sensitive applications or data, there are threats to the safety and security of that information. Security issues may include:
Mitigation and Prevention MeasuresAs the employee will be connected via the internet to potentially classified data and applications it is important that measures are taken to reduce the risk of a security breach. Some helpful considerations to implement include:
Home Network HardeningOut of the box, most routers have generic passwords, are out of date, and often contain exploits that can easily be used to intercept, manipulate and store network traffic. However, there are a number of actions that you can take to mitigate these security issues at home. The following were taken from a CyberScoop report that details measures to protect home networks.
For more information, check out this CyberScoop report. References
|