With the global health crisis forcing people worldwide to work from home, there’s been an increase in threats from malicious actors on remote workers. In many cases, remote workers are sharing their home networks with roommates or family members. Shared home networks can open up individual workstations to additional security threats beyond their control.
Luckily, there are some simple steps managed service providers (MSPs) can take to ensure their clients are safe. First, you must increase your clients’ awareness of current activities and tactics to avoid falling victim to their schemes.
Attackers are already taking advantage of the current crisis and our strong desire for information and answers. Some of the most common attacks are:
- Phishing Emails: Bad actors are sending emails impersonating trusted sources of information, such as the World Health Organization or CDC, health organizations, universities, government entities, or other official sources to trick recipients into clicking links or opening attachments that can compromise credentials or infect devices with malware.
- Health Crisis Websites and Interactive Maps: Bad actors have also registered domains and launched sites that host information about the global health crisis, or show interactive maps detailing the spread of the virus. Attackers have laced many of these unofficial sites with malware, which commonly leads to ransomware, credential theft, or persistent remote access to workstations
- Malicious Apps: Attackers are creating malicious mobile device apps and deploying them to different app stores, mostly Android.
Once you’ve made your clients aware of the common attacks and tactics used by hackers, you must take steps to secure their workstations when working remotely.
Minimum Standards for Securely Working from Home
To ensure your clients’ new work environment is secure when accessing company systems, data, and networks, here are a few simple tips:
- Modern Operating System: Users should work on a company-managed workstation or a personal device with a supported operating system (OS).
- Patched Operating Systems: Users must be current on OS upgrades and patches (no more than 30 days since last patch application) for any workstation from which you conduct business.
- Patched Browser: Users must have a vendor-supported and fully patched browser.
- Current and Enabled Antivirus: Users must have antivirus installed and operational on any workstation.
Additional Guidance for Securely Working from Home
- Email and Web Security:
- Remain vigilant while reading emails, messages, web browsing, and be aware of common phishing techniques.
- Exercise heightened caution while engaging with COVID-19 based content. In these challenging times, please only seek information on COVID-19 from well-known, reputable websites such as the World Health Organization, CDC, or other government websites.
- Networking:
- Stay connected to a VPN client when working from any laptop or desktop, as additional security protections have been added to prevent malicious attacks.
- Avoid public network access points (i.e., coffee shop WiFi) and stay on your home network whenever possible.
- Check your wireless router or cable modem to confirm that your home WiFi is secured, with WPA2 or WPA3. Ensure insecure features like UPnP are disabled and default logins to IoT devices (smart doorbells, wireless cameras, robot vacuums, thermostats, etc) are changed.
- Authentication Security: Protect personal accounts with two-factor authentication, staying vigilant with interactions on online platforms. Use strong passwords and a Password Manager.
- Data Security: Work on documents within company-provided cloud applications to make sure data is safe and being backed up. Do not store company data on personal devices or your computer’s hard drive.
- General Security: Lock your personal computer when walking away from it (Win+L on Windows or Command+Control+Q on Mac).
Things to Avoid While Working from Home
- Using unsupported communication platforms to conduct business.
- Installing COVID-19 related apps on mobile devices.
- Leaving your business accounts logged in on a shared system(s). Instead, log out completely when you have finished your work.
- Using your personal email(s)/accounts to conduct business.
- Connecting unknown and untrusted devices (USB sticks, peripherals, etc.) to workstations with access to company networks and system(s).
- Installing unknown or untrusted software that may put your workstations at risk (unsupported remote desktop, etc.).
- Waiting to report any adverse events or suspicious activity identified with workstations to your MSP.
- Using file sharing (P2P), and other high-risk applications on workstations that have access to company services, systems or data.
More than ever, businesses will turn to their MSPs for guidance to help them navigate these uncertain times and avoid evolving threats. Throughout this time, Datto is here to help keep the MSP community informed, connected, and strong. Visit Datto’s Help Center for the latest resources and information.
Ryan Weeks is chief information security officer (CISO) for Datto. Read more Datto blogs here.