Our work networks have been changing lately. People have been working remotely for some time; however, with the pandemic, a vast number now work from home (WFH). These workers have been set up to access the company network while working remotely, changing the network in ways many hadn’t anticipated.
As many have switched to working from home, cyberattacks have increased. When employees log in remotely and access the organization’s network over their home broadband, they may not realize that they are inadvertently opening new pathways for cyberattacks.
How can an organization keep its network secure? In this article, we cover strategies your organization can implement to help keep it secure.
Implement a Zero Trust Network
The zero-trust approach is a security model that requires strict identity verification for every person and device that attempts to connect to the network. This applies to every connection request regardless of location, whether it comes from in-house or from a remote site.
Common tools used in zero-trust networks are Single Sign-On (SSO), Identity Protection, and multi-factor authentication (MFA). What is MFA, you ask? MFA is a security feature that requires more than one piece of evidence to authenticate a user, meaning you cannot just enter a password to gain access. The most common form is two-factor authentication (2FA). With 2FA, after you enter your password, a one-time code is delivered to you through another device (such as a smartphone), and you enter that code to finish the login.
Popular 2FA tools include (from PCWorld):
- Google Authenticator: Best overall.
- LastPass Authenticator: Runner up.
- Microsoft Authenticator.
- Authy: Best multi-device solution.
- Yubico Authenticator.
- Titan Security Key.
Run software updates on a regular basis
Updating your software can be a nuisance. Take your smartphone, for example: it seems like we have to update apps every other day or so. Why is updating your software important? Over time, developers release updates that may improve the stability of the software, remove outdated features, and make the user experience better. Often, those updates include critical patches for security holes that have been discovered. Keeping your software updated helps to mitigate potential security threats on your network.
Awareness and training
A large part of cybersecurity comes down to awareness: knowing what potential security threats are out there, not clicking on that link, and not downloading an attachment from someone you do not know or trust. An organization will benefit from training employees on its cybersecurity protocols, data security and privacy policies, common threats, what phishing attempts are, and more.
Employees may not see the value in this training or take it seriously. How can you better engage them? One way is to show them what is in it for them. Most of us have computers and devices at home, and much of what we learn in training can be applied there to enhance our personal security. As new employees come into the organization, they gain access to new accounts. It may be beneficial to begin training on cybersecurity and awareness during the onboarding process.
Get a firewall that protects your entire network
Firewalls are not effective against all cyberattacks. That being said, how does a firewall protect you? Firewalls sit at the perimeter of your network and monitor all incoming data packets for potential cyber threats; in effect, they filter all incoming network traffic. The ability to detect an intrusion attempt before it enters the network significantly helps you mitigate the threat.
As we mentioned above, firewalls do not protect against all cyberattacks. It is useful to understand what firewalls help protect against and what they do not. Firewalls are effective against malware insertions, insider attacks, and data exfiltration. Firewalls do not protect against phishing attacks, malicious use of authorized accounts, Distributed Denial of Service (DDoS) attacks, vulnerabilities, and direct physical access.