Secure remote working - Administrators Guide

Issue link: https://insight.claranet.co.uk/i/1228710

Claranet Cyber Security | Quick read checklist for Secure Remote Working

Secure remote working

Cybersecurity checklist for remote working

- Unsecured wifi networks
- Using secure devices for work
- Using home networks
- Phishing scams will target the remote workforce

The ink on the corporate homeworking policy is probably still drying as we all prepare for a new working environment. New measures may already be in place, in which case we would absolutely recommend referring to that information. As always, if you are not sure, you should ask, as there could be specific recommendations in relation to how you work and what you access.

It is essential that you deploy some or all of the following security measures:

- A structured policy for remote working that adheres to the principle of least privilege to limit the access or functionality that different users have
- Least privilege principles must be extended to data and systems, which may require a reconfiguration of any remote access solutions
- Deploy multi-factor authentication (MFA) for all remote access
- Encrypt client devices to protect stored communications and data
- Patch, patch, patch
- Endpoint security on desktops, laptops, smartphones and tablets is critical

A Risk Assessment should be carried out. A DPIA should also be carried out as there will be new risks to personal data being accessed and processed remotely.

Your checklist should include the following:

Remote access

- Decide how your remote access will be provided, e.g. VPN (IPSec or SSLVPN), Direct Access, portal based (SSL VPN), or remote desktop access*.
- Ensure supporting infrastructure is adequate to handle the demand (i.e. internet bandwidth, license considerations).
- Consider removing the ability to provide split-tunnelling where remote access solutions are used.

Split-tunnelling configures the connection so that only traffic for corporate resources passes over the remote connection, while internet traffic goes directly to the Internet, thereby bypassing any corporate security mechanisms. Unless there is a real business need or technical constraint that requires split-tunnelling, disabling it is the preferred configuration. With split-tunnelling disabled, all access whilst the user is connected to the remote access solution will traverse the corporate IT systems and be subject to any security controls imposed upon them.

*Note: Remote desktop should be published securely to the Internet.
