<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

 

Blog

Read or download all Datashield news, reviews, content, and more.

 

All Posts

Top 5 Remote Work Tips from Datashield

top 5 remote work At Datashield, we pride ourselves on our ability to protect our clients, especially during the pandemic. Our security experts have compiled a list of the top five tips for those looking to increase their security in a remote work environment.

If you have any questions or are looking to implement a stronger remote work security program, contact us today.

Deploying a strong Enterprise Endpoint Detection and Response (EDR)

People will always be the primary target in attacks against organizations, usually from varying forms of social engineering such as phishing, malicious ads, and watering hole attacks.  Ensuring that the devices that your employees connect to your network on are safe and secure should be a primary goal.  Having a cloud-based Enterprise EDR will allow you to monitor your employee’s computers, even when not connected to the company’s network.  This will provide great visibility and will help prevent any malware spreading from an infected employee’s computer.  

 

Utilize a VPN

Virtual Private Networks (VPN) provides protection not just for the user, but for the company as well.  Having a VPN that uses strong encryption practices, verbose logging, and supports MFA will enhance your overall security posture and ease of access into your environment.  Using a VPN will also allow you to apply various access control measures through your VPN policies.  

One common question is when to use a split tunnel versus a full tunnel.  Datashield recommends using a full tunnel, as this will route all traffic through the VPN and is generally more secure.  However, this can cause an impact on speed.  A split tunnel is used when there is a need to access local resources as well, but can be less secure if something isn’t being routed over the VPN tunnel. 

 

Multi-factor Authentication (MFA) Policies

Password re-use and overall weak passwords are primary targets for attackers. If your applications don’t support MFA or if the user’s password gets compromised without your knowledge, the attacker can access those services. While not unbeatable, having MFA on those user logins will impede most attackers and stop a user compromise.

 

Connect from trusted Networks

Educating your employees about the safety of where they are connecting from is crucial.  Employees should only be connecting from trusted networks, such as a home or office network.  Public Wifi’s, such as Starbucks or open hotspots, should not be used to perform work duties.  While a VPN can offset some of these risks, it is ill advised to use any untrusted networks. 

 

Separation of Work and Personal Data

Your company’s data is important.  Having computers that are purchased and secured by the company will limit that data’s exposure.  Restricting work related tasks and applications to be done on company issued computers only is important.  This will ensure that you can monitor those endpoints.  It is also recommended to avoid having personal accounts or applications on work computers, as you can’t control the security for personal applications.  

 

Additional tips provided by CISA: https://www.cisa.gov/telework-reference-materials-non-federal-organizations

Topics from this Article

Remote Desktop Services, Endpoint Detection and Response, Application Security, User Education, Remote Access, VPN, Multi-Factor Authentication

Alex Achs
Alex Achs
Alex Achs is the Content Threat Intelligence (CTI) Manager at Datashield and provides thought leadership as well as technical deep dives articles to the Datashield Resource Library.

Related Posts

Lumifi Cyber Acquires Datashield to Deliver Next-Generation Managed Detection and Response

Combines AI and Machine Learning-Based Software with MDR Services to Provide Fortune 500-Grade Security to Companies of All Sizes Palm Desert, CA and Scottsdale, AZ — May 3, 2022 — Lumifi Cyber, Inc., a next-generation managed detection and response (MDR) cybersecurity software provider, today announced its acquisition of Datashield, Inc., an end-to-end cybersecurity resilience services provider, to deliver Fortune 500-grade security to companies of all sizes for an affordable monthly price.

Datashield Becomes Member of Microsoft Intelligent Security Association (MISA)

Datashield Becomes Member of Microsoft Intelligent Security Association (MISA)

The Difference Between Cybersecurity & Network Security

The Difference Between Cybersecurity & Network Security