Stay Home – Stay Cybersecure

 

Due to the current Covid-19 emergency, organizations are now facing new and challenging working conditions which require them to adopt new agile working methodologies in order to maintain both quality and service levels.

Smartworking has, in fact, already been implemented in numerous contexts, as has teleworking, which is a form of remote, decentralized work based on telematic connections.

These ways of working, on the one hand, allow organizations to continue to make use of their human resources with the added benefit of working flexibility. On the other hand, the use of telematic connections brings to light a number of risks with respect to IT security.

This is because domestic networks are more vulnerable and cannot guarantee the same hardware and software protection that is available on company premises.

It's also worth noting that smartworking and teleworking tend to create a fragmented organization that is difficult to control from a security point of view, whereas it is often the centralization of security processes that makes asset protection pervasive.

The likelihood that a given cyber threat materializes increases when the workstation is not covered by an efficient monitoring system, or when the technical and organizational security measures are potentially less effective because they are applied to a device connected to a home network within an unprotected perimeter.

It is therefore paramount to identify guidelines and best practices to help mitigate these threats and to evaluate the implementation of technical and organizational security measures that companies can put in place to maintain business continuity without compromising the security of their assets.

 

In particular, it is fundamental to have:

  • an updated antivirus with real-time scanning that is always active;
  • an updated antimalware (e.g. Malwarebytes), with weekly scans (manual or scheduled);
  • a firewall (activation of Windows Defender on Windows and/or the Firewall integrated in macOS);
  • a lock screen that activates after a maximum of 5 minutes of inactivity and that, in any case, is activated manually every time you leave the device;
  • encryption at rest through full disk encryption, by activating BitLocker on Windows and FileVault on macOS.
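
The Windows side of this checklist can be verified with a short script. The following is an added example, not part of the original article: it assumes Microsoft Defender is the antivirus in use, a PowerShell session run as administrator, and a 7-day limit on definition age (the article gives no figure). It does not cover the weekly antimalware scan.

```powershell
# Added example: audits antivirus, firewall, lock screen and disk encryption.
$MaxSignatureAgeDays = 7      # assumed threshold, not stated in the article
$MaxLockSeconds      = 300    # "maximum of 5 minutes of inactivity"
$results = [System.Collections.Generic.List[object]]::new()

function Add-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Name; Pass = $Pass; Detail = $Detail })
}

# Antivirus: real-time scanning active and definitions recently updated.
$mp = Get-MpComputerStatus
Add-Check 'Antivirus real-time scanning' $mp.RealTimeProtectionEnabled `
    "RealTimeProtectionEnabled=$($mp.RealTimeProtectionEnabled)"
$age = ((Get-Date) - $mp.AntivirusSignatureLastUpdated).Days
Add-Check 'Antivirus definitions updated' ($age -le $MaxSignatureAgeDays) "age=$age day(s)"

# Firewall: every profile (Domain, Private, Public) must be enabled.
$off = @(Get-NetFirewallProfile | Where-Object { [string]$_.Enabled -ne 'True' })
Add-Check 'Firewall enabled on all profiles' ($off.Count -eq 0) `
    "disabled profiles: $($off.Name -join ', ')"

# Lock screen: the machine inactivity limit or a password-protected screen
# saver must trigger within the limit. Other lock mechanisms are not checked.
$sys = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' `
    -ErrorAction SilentlyContinue
$scr = Get-ItemProperty 'HKCU:\Control Panel\Desktop' -ErrorAction SilentlyContinue
$machine = [int]$sys.InactivityTimeoutSecs      # 0 when the value is not set
$saver = 0
if ($scr.ScreenSaveActive -eq '1' -and $scr.ScreenSaverIsSecure -eq '1') {
    $saver = [int]$scr.ScreenSaveTimeOut
}
$withinLimit = @(@($machine, $saver) | Where-Object { $_ -gt 0 -and $_ -le $MaxLockSeconds })
Add-Check 'Lock screen within 5 minutes' ($withinLimit.Count -gt 0) `
    "InactivityTimeoutSecs=$machine, secure screen saver timeout=$saver"

# Encryption at rest: the system drive must be fully encrypted with protection on.
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
$encOk = ($vol.ProtectionStatus -eq 'On') -and ($vol.VolumeStatus -eq 'FullyEncrypted')
Add-Check 'BitLocker on system drive' $encOk `
    "ProtectionStatus=$($vol.ProtectionStatus), VolumeStatus=$($vol.VolumeStatus)"

$results | Format-Table -AutoSize
```

Any row with `Pass` set to `False` points to the checklist item that needs attention on that device.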

 

Moreover, it is absolutely necessary to:

  • constantly update the operating system and applications in use on your personal computer;
  • use strong credentials to access your personal computer, with passwords longer than 8 characters containing uppercase, lowercase, numbers and special characters;
  • define a specific user for company activities in order to separate the personal environment from the work environment. The access credentials for this user must comply with the previous point. Moreover, the personal user must not be able to read/write in the file system area associated with the working user.

 

When activating a VPN private communication channel, make sure to:

  • use VPN clients previously approved by a formal request for authorization of the device;
  • protect VPN access credentials from unauthorized users;
  • establish only one connection at a time.

 

Regarding the configuration of the local home network (wired and wireless) and the Internet connection, you should, where possible:

  • change the name of the Wi-Fi connection (SSID) from that assigned by the connection provider;
  • make sure that the router control panel access credentials are strong and that the router control panel is not accessible from the public Internet network (i.e. remote management of the router is not active);
  • check the encryption protocol used by the Wi-Fi network (WPA2 or higher), and disable WPS (Wi-Fi Protected Setup, outdated technology) and UPnP (Universal Plug and Play, which increases the risk of intrusion from outside).

 

When using mobile devices as a hotspot, it is recommended that you do not share the hotspot with any third party and do not connect to personal devices via open and/or free Wi-Fi and public hotspots.

 

Finally, so that smartworking is supported by systems that offer greater protection and security, we recommend the adoption of several Microsoft and Google applications.

In particular, for booking any appointments, we recommend using “Microsoft Bookings”, which is included free of charge in Office 365. It is already active for Office 365 Business Premium and Academic licenses (i.e. Office 365 A3 and Office 365 A5), while for Enterprise licenses it must be enabled (again free of charge) by following these steps: https://support.office.com/en-us/article/5382dc07-aaa5-45c9-8767-502333b214ce.

A guide to configuration and use (in 8 steps) is also available at the following link: https://support.office.com/en-us/article/47403d64-a067-4754-9ae9-00157244c27d.

For the presentation of the service, see: https://www.microsoft.com/it-it/microsoft-365/business/scheduling-and-booking-app.

 

As for forms, “Microsoft Forms” is definitely the best choice. Below you will find the various links:

 

If, on the other hand, you want to make chat and video calls, we recommend using “Microsoft Teams”; the relevant links can be found here:

 

For further information on remote working, please see the following links:

ICT Cyber Consulting
ictcc_WP@ictcyberconsulting.com