Working From Home - IT Security Recommendations

Working from Home - IT Security Recommendations

As your staff move to a “primarily working from home” model during the COVID-19 outbreak, Netlink have put together a reminder of remote worker security fundamentals to ensure the smooth running of your companies’ operations while keeping your assets protected from attackers.

Given that in most cases security of a home computer environment is inferior to that of your office and that the potential for a breach of your corporate system is increased when staff are accessing it remotely. It is a recommendation for all staff who are working from home are following the guidelines the below and on the Australian Government Stay Smart Online website.

Strong Passwords

• Passwords or passphrases meet the company standard.
• A unique password is used for each account / service
• Change default passwords on modems/routers supplied by your Internet Service Provider
• Australian Government - Secure Passwords

Multifactor (MFA) or Two-Factor (2FA) Authentication

• Where available staff must use Multifactor Authentication
• Where MFA is not supported, additional care has been taken to ensure the account password is sufficiently complex and unique to the account
• Australian Government - Multifactor Authentication

Secure Wi-Fi / Wireless

• Ensure home Wi-Fi is secured with a passcode
• Do not connect through public Wi-Fi (cafes etc) shared computers (public libraries etc)
• Australian Government - Secure your internet connection and home network

Desktops and Laptops (including BYOD computers) have been hardened

Computers used by staff at any time to connect into corporate networks remotely must be security hardened.

• Computers must have the latest’s Microsoft or Apple patches and updates
• The applications installed on the workstation are up to date and patched regularly
• Computers must have security software installed that includes anti-malware and personal firewall functions that meet the companies requirements

Mobile Device Security

All mobile devices storing or accessing corporate information or resources (email, Office 365 SharePoint etc) shall be;

• Protected by a secure access control method such as biometric authentication (e.g. fingerprint or face recognition) or the use of an alphanumeric password
• Configured to lock automatically after 10 minutes of inactivity
• Configured to be remotely wiped by the IT Support personnel at any time. This may also result in personal data being wiped.

Jailbroken” or “rooted” devices must be prohibited from accessing the corporate networks, systems, and information.

Virtual Private Networks (VPNs)

All remote connections by staff to the corporate network or platforms or applications hosting corporate data for the purposes of teleworking must occur via a firm’s approved TLS connection, SSH tunnel or IPsec virtual private network (VPN) solution.

Security Awareness Phishing / Malicious Emails

• Do not click on any hyperlinks in emails that are of a suspicions nature

Further COVID-19 advice from Netlink can be viewed at https://netlinkgroup.com.au/covid-19-update/