Difference between revisions of "Secure Remote Work Technical Considerations"
| Line 3: | Line 3: | ||
{| class="wikitable" style="align:center; border-top: #000000 2px solid; border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1125px" | {| class="wikitable" style="align:center; border-top: #000000 2px solid; border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1125px" | ||
|- | |- | ||
| − | ! style="background: | + | ! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Teleworking | Secure Teleworking - User Considerations]] |
| − | ! style="background: | + | ! style="background: #2e73b6; color: white" width="250px" height="40px" scope="col" |[[Secure Teleworking Technical Considerations|Secure Teleworking - Technical Considerations]] |
|} | |} | ||
{| style="width:1125px;" | {| style="width:1125px;" | ||
Revision as of 10:18, 30 March 2020
| Secure Teleworking - User Considerations | Secure Teleworking - Technical Considerations |
|---|
What is Teleworking?Teleworking by definition is an arrangement between an employee and the employer in which the employee does not commute to their physical work space, but can use the internet and other digital mediums to complete work. With recent events, teleworking has become more popular that previously before and will continue to get more popular as technology evolves. Threats and Challenges posed by TeleworkingBy connecting via the internet to potentially classified or sensitive applications or data, there are threats to the safety and security of that information. Security issues may include:
Mitigation and Prevention MeasuresIt is important to realize that because Teleworking uses the internet for connectivity, it may be a target for compromise. That being said, there are a number of measures to help prevent security breaches when teleworking through all mediums.
PrivacyEmployee's are encouraged to use approved software such as Zoom, Google Hangouts, and Slack to collaborate and communicate unclassified information. However there are some privacy issues that need to be recognized before using these applications. It is important to remember that these applications are not to be used for any classified work. Some general things to consider for increasing privacy on these applications include:
SlackWhen using a paid license of the application, a feature is unlocked that allows HR and management personnel to export ALL chats. Not only can group chats be exported but also chats that are between you and a colleague that is sent in a private chat. This feature cannot be enabled in the free license. It is important to note that Slack does store data regardless of the license, including after 10,000 messages in the free version. Slack also retains data such as links, passwords, usernames and chats, however does have options to customize policies on data retention. ZoomZoom has a feature that tracks attention to the webcam in order to see who is actively in the video chat. If a presenter is sharing their screen and a user minimizes the window or leaves their device, a notification will be sent to the meeting hosts. It should be noted that Zoom does not record activity on the device nor does it capture video with this setting. Unless a meeting host is using Zoom's encrypted video chat option, the company could have access to the conference. For more information on using Zoom, please see the guide in the references section or click here. Google HangoutsWhile there are no glaring privacy concerns with Google Hangouts, it does require a Google account. It is best to use a work account if possible, to avoid details being linked together exposing private interests, and personal activity online when using that Google account. Details such as names, phone numbers, usernames and other information can be pieced together which can be exposed as a single entity. References
|
