Part 3 of 4
Nowadays, connectivity has become a basic service that is part and parcel of everyday life. The internet can be accessed from a wide range of locations and includes an extensive range of free options and connection hotspots.
But just as this technology has provided opportunities for working remotely, it can also act as a doorway for threats if configurations are poor or if a potential intruder happens to be on the same network. For this reason, it is always preferable to use secure networks to minimize the risks.
What are secure networks?
Secure networks are networks on which various security measures have been applied in order to prevent unauthorized users or attackers from connecting. The most fundamental of all these security measures is simple: use a strong password.
A network without a password, or with a weak password, is easily accessible to outsiders. For instance, for someone with the right knowledge it is much easier to obtain a WEP-encrypted password than one encrypted with WPA or WPA2 – the latter being the most secure and the most highly recommended.
In the case of home networks, it is important that the Wi-Fi router is inaccessible from the outside and has a strong administrator password that is difficult to guess. In addition, keeping the router’s firmware updated and monitoring the devices that are connecting to it are indispensable precautions.
Public vs. private networks
Public networks are another matter – they are very useful when you need to work in a bar, an airport or any other public space – but they are usually open networks offered as an additional service for customers. As such, these connections do not have restrictive security measures. A hacker that connects to public networks can potentially intercept data being transferred on the same network.
Therefore, when connecting to public networks, it is important to apply the most restrictive security setups, especially with regard to shared files and access to systems. The best advice is to avoid using services that involve sensitive information.
Most companies have private networks that protect data packets in transit and ensure safe browsing for their users. But when the connection to users is remote, that means communication will be happening over public, unsecured networks. Companies will need to establish an external-facing gateway that has additional controls and measures in place to protect both the company’s internal network and the communication with remote employees’ devices.
Sometimes, we use networks that are neither our own home connection nor a public one – usually some type of third-party network like a hotel or a friend’s house. Even though these are private networks, the user does not know who else is connected to that network nor what their intentions might be. For this reason, even if you know and trust the administrator, the same precautions should be taken as for a public network.
VPN
Virtual private networks (VPNs) are a technology that encrypts your communication over a network to provide you with secure remote access to a private network.
While there are various protocols available to connect via VPN, all use encryption to render data unreadable until it has reached its destination. In this way, should attackers intercept your communication, they will not be able to read or utilize your data.
Many companies provide their employees with a VPN connection to remotely connect to internal network services and data. Since these types of connections provide encryption, it is also recommended to use a VPN whenever connected to a public or unsecure network.
Don’t have an IT department to set up a VPN for your business? Check out this guide on WeLiveSecurity.
Two-factor authentication
Two-factor authentication (2FA) is a technology that complements traditional authentication to access services. In addition to the usual username and password, another piece of information is also required. This could be a security code, a hard token or anything else that the user possesses.
Normally, a code is generated and available via an SMS, in an authenticator app (more secure), or even in something as simple as a USB key.
The purpose of 2FA is to protect access to your accounts and devices in cases when your password is compromised. This can happen due to malicious code, an infiltration in your company’s IT systems or via a scam.
Remote work increases the risk that your credentials can be stolen by an attacker. By adding a second factor to your credentials, an attacker’s attempts to use your password for authentication are confounded. ESET offers businesses a comprehensive 2FA solution via ESET Secure Authentication.
In part four of this series, we will take a look at preparing your employees for receiving technical support remotely and round off this series with a summary of best practices.
Looking for a comprehensive set of remote workforce resources for your IT admins and employees?
The complete Remote Worker’s Guide series:
Part 1: Risks, threats and corporate policy
Part 2: Remote working tools for employees
Part 3: Network connectivity
Part 4: Technical support and best practices