Reduce the Spread of COVID-19
Remote Access Risks
During this time of minimizing physical contact to reduce the spread of COVID-19 many companies are promoting telecommuting, thus encouraging remote access of their organization’s network through offsite devices. This is inherently risky, due mostly to substantially increasing the number of threat vectors into their network by factors of 10s, 100s, or even 1,000s (depending on the number of remote workers).
Home devices include personal computers which are often accessed by numerous family members in a household. Laptops that remote in often are used to visit a variety of other non-business sites and are running personal software as well. Of course, mobile devices that connect to a business network typically are running dozens if not scores of applications, mostly for personal use. Each website visited, attachment opened, application accessed, or non-vigilant person using a device equals another potential threat vector.
Most households function with a simple unsecure modem and do not have any type of protective firewall in place. Today, most consumer-oriented anti-malware and anti-virus protection software won’t even slow down hackers from penetrating an organization’s network since they can bypass it easily. Add to that, almost no one has any cyber threat protection on their mobile device at all, somehow believing they’re perfectly safe.
Many companies believe that using a Virtual Private Network (VPN) that securely connects from the end device to the business network assures safe access, but this is not completely accurate. A household or personal device may have been breached or may have malware in place that can then use the secure VPN connection to infect the network. That, or it may be used by hackers for so-called man-in-the-middle attacks, where the remote device is hijacked to penetrate into the network.
Secure Remote Access
Future Networking can work from the outside in, implementing VPN hardening to strengthen remote device connectivity, as well as assessing each endpoint to verify the device is clean.
Future Networking can also start with the security of the core network by itself, protecting it from attack by remote monitoring and additional protections, and then expand out to the remote devices.
Either approach improves the security profile of the organization we assist.
We also help establish the necessary written remote security policies for an organization and use proven processes to deploy technologies that not only include secure connectivity solutions (VPNs, Multi-Factor Authentication [MFA], etc.) but also provide specific hardware as needed (firewalls, switches, laptops and PCs).
For organizations that must meet compliance standards (HIPAA, CMMC, etc.) we align our entire approach, including documentation and reporting, to meet those requirements.