April 21, 2020, Kathmandu
Security Practices that should be implemented by companies following the Work From Home System. In the middle of the imposed lock, down many of the companies must be applying for work from home methods. This has helped to continue the business during the lockdown and helped to maintain social distancing. But while many people consider work from home a best practice and should continue after lockdown as well, few are against it. The main reason people and companies refuse to work from a home method or do video conferencing is due to security threats.
But why to let your company suffer by being afraid of a preventable enemy (cybercriminals). To have a proper and secured Work From the Home system, you can follow these practices.
Things to do
- Review your Business Continuity Planning (BCP) and Procedures.
- Update your Organization’s Infrastructures (Jump Hosts, Firewalls, EPP, AD, Servers, etc.) to the latest available version. By doing so, you have almost secured your network by 50%.
- Use Multi-Factor Authentication (MFA) where possible and strickly make your employees follow this method to log in.
- Strictly Monitor user access and user roles. Prioritize the users that require most of the characters.
- Define access rights for your infrastructures and allow only necessary privileges to your employees.
- Enforce Communication with the use of end-to-end (E2E) Encrypted messaging applications. All confidential conversations would be safe by encrypting the messages.
- Enable re-authentication access to the resource after a short duration of inactivity.
- Backup and store data in more secure ways.
- Ensuring the physical security measures of the employees is necessary as well. This minimizes the risk that information may be accessed, used, modified, or removed without authorization.
- Only necessary organizational resources should be made available to the employee.
Things not to do
- Providing more than necessary organization resources on the internet or making it accessible to every employee.
- I am having a massive timeout duration for employees accessing organization resources.
- They are having users even though they do not require privileges in the system for a specific time.
By applying these measures, you can have a safe and secure work environment online. There are different cybersecurity companies as well as working to make the internet a safe place for the users. If you want to add up more and more security to your system, you can contact them as well. Click Here