One of the bigger challenges for small office / home office (SOHO) workers is that they often have to operate as their own IT support staff. That’s a job for which most are unprepared. They may be able to figure out how to map a new printer or set up a video conference but maintaining a secure computing environment is a complex endeavor that is fraught with risk.
The hazards of do-it-yourself security have come into sharp relief with the global pandemic driving millions of Americans out of the office and into work-from-home arrangements. FortiGuard Labs’ recent Global Threat Landscape Report finds that cybercriminals are exploiting the pandemic at enormous scale.
The report identifies surging numbers of all manner of threats, including phishing and ransomware attacks, business email compromise schemes and nation-state backed malware campaigns. The study found that 60 percent of organizations revealed an increase in cybersecurity breach attempts during the transition to remote work, while 34 percent reported actual breaches in their networks.
Remote workers are inviting targets because they lack many of the protections that exist in a secure office environment. Furthermore, Proofpoint’s 2020 State of the Phish report finds that most people working from home lack fundamental cybersecurity awareness and fail to follow security best practices. For instance, two-thirds of the 3,500 working adults surveyed said they believe that antivirus software will prevent all cyberattacks. More than half believe their company’s IT team will somehow be automatically notified if they accidentally install a virus or other malicious software.
The fact is security is everyone’s responsibility — particularly in SOHO environments that rarely have their own fulltime IT professional. During the Tech Event session titled “Revolutionize Your Cybersecurity for the New Workplace,” RMM security experts described how you can develop a layered security approach for small offices and home offices. Here are some of the topics they addressed:
Remote monitoring and management (RMM) tools typically involve installing software agents on end-user devices as well as company servers to continuously gather data about your systems. While this is usually considered a tool for identifying and fixing performance issues, RMM tools also boost security by ensuring that computers, operating systems and applications accessing network resources remain patched and up to date. This significantly improves your chances of avoiding security breaches.
RMM tools can collect data and report on security systems such as firewalls and virus scanners to help organizations recognize and quickly remediate problems with security resources. Web protection features in a monitoring solution can be used to automate Internet use policies, block inappropriate or malicious websites, and monitor bandwidth usage. Automated patch management can prevent attacks against known vulnerabilities and ensure that systems are better protected.
SECURE REMOTE ACCESS
Identity and access management (IAM) provide a framework for verifying the identities of remote users attempting to access network resources. They integrate a variety of tools such as user provisioning, password management, single sign-on and multifactor authentication (MFA) into a comprehensive platform. MFA is particularly important because it minimizes the risk of weak or compromised passwords by requiring additional means of identification. However, the Proofpoint report finds that only 37 percent of companies utilize the technology.
MFA is particularly important for SOHO users accessing company resources through virtual private network (VPN) services. Most VPNs require a conventional username / password combination, which can be guessed or stolen. Compromised VPN credentials are valuable to cybercriminals because they can provide broad access to network resources.
Firewalls are among the most important elements of network security, filtering traffic to prevent unauthorized access. However, some are so complex that they are becoming a source of increased exposure. Gartner analysts say up to 99 percent of all firewall breaches are caused by misconfiguration issues rather than any flaws with the technology itself.
With a managed firewall, you offload configuration and policy development to a managed services provider with specific firewall expertise. What’s more, providers often have invested in technologies that allow them to automate firewall configurations, controls management, risk analysis and more. Upon installation and configuration, the provider will handle all administrative tasks such as adding or deleting user accounts, modifying firewall rules and updating configurations. Providers also remotely install patches, bug fixes and software updates as needed.
To encourage improved remote security practices, RMM Solutions has a special offer. Through Dec. 31, 2020, anyone purchasing a managed firewall solution will get a free access point. Click here to learn more.