Most enterprises are getting slammed with employees working from home. Most of us designed our remote user VPN’s for the occasional "snow day" ...right. Now we have an entire workforce, working from home full time for weeks…maybe months …oh yeah, and using a full suite of applications including voice… crazy. No really!
Many of you have contacted SynerComm to get additional VPN licenses/concentrators, endpoint security controls, and help designing and spinning up "new ways" to get employees connected securely. During these crazy times some of our vendors are stepping up and trying to make a difference.
To help you we would like to share a few solutions/offers from our vendors:
Palo Alto Networks
Free 90-day GlobalProtect VPN subscription license for mobile devices like iPads, etc. (Other GP is already free)
Customer logins into their own support portal and select trial licenses
Flexible Pulse Connect Secure licensing
Valid through May 31st
Surge relief for 60 days (existing customers) CrowdStrike Falcon Prevent home use licenses
SentinelOne Core: AI-powered prevention, detection, and automated response in a single, autonomous lightweight agent; legacy antivirus replacement across Windows, Mac, and Linux operating systems with no connectivity or network dependency.
Deployment services: remote deployment assistance to ensure rapid installation and customized configuration
Offer expires May 16th
No charge offer to help businesses with 100+ employees during these challenging times.
Work from Home bundle discount Extreme Networks and Tech Data have created a Portable Branch Office Kit to enable your customers to connect, secure, and manage remote sites and remote workers quickly and easily. Combining SD-WAN, Wi-Fi, and cloud management into an easy to deploy, plug and play solution, this kit offer delivers the ability to provide an enterprise-class experience for all connected users, regardless of where they reside.
Lastline Analyst at no cost for 90 days to organizations with 500+ employees.
Offer expires June 30, 2020
Free trial - Scalable secure access for increasing your mobile workforce.
Have questions or want some guidance with taking advantage of these vendor offers?
Practicing good remote access hygiene in times of uncertainty
As the business world reacts to the current health crisis, companies are offering remote access to any role that can work from home. Taking a cue from the changing environment, cyber-criminals are already taking advantage. Already (03/15/2020) the US Health and Human Services Department suffered a cyber-attack with the intention of distributing false information.
Here are some recommendations on continuing to practice good information security hygiene as more of the access moves outside of the physical office.
New Remote Access Users Remote access privileges come with a new set of responsibilities. Ensure that the newly enabled group of remote access participants are aware of and follow company procedures with regards to remote access. This isn’t just about good Wi-Fi practices (discussed later), it should also include activities like plugging in personal flash drives or downloading movies to company owned equipment. If employees can connect with personal devices, there are even more risks to consider.
Help Desk Personnel A popular attack that will gain attention in the coming weeks will be password reset requests against the helpdesk teams. Establishing and training on proper verification and secure password reset techniques will be essential for the helpdesk to identify who they should be helping and who they should be hanging up on.
Multifactor Authentication (MFA) Extending remote access to company networks and data should be accompanied by a requirement for MFA use. Properly implemented MFA makes it much more difficult for a bad actor to gain access to any account. This isn’t the time to wonder how many users have weak and easily guessed passwords like “Winter20”.
Secure Data Storage Devices that will be used to perform remote work may or may not have encrypted storage. Make sure care is taken when employees work with company data and remind them not store that data in unsecure locations or media.
Wireless Access Points While users may not be going to many coffee shops or hotels the next few weeks, the guidelines for performing safe wireless access still apply. When connecting to public Wi-Fi, ensure you are using a VPN and examine the name of the network closely to avoid evil twins. [Evil twins are Wi-Fi hotspots that look legitimate but have a small change in the lettering: HOTSpot vs. H0TSpot.] When setting up wireless access points at home, use WPA2 encryption with a long and difficult to guess passphrase.
Endpoint Security Whether it is company owned equipment or employee owned equipment, endpoint controls are crucial for protecting the information assets they will be working with. Ensure endpoint software is in place, properly configured, and up-to-date before allowing these devices to connect to the enterprise network.
Split Tunneling This one might be tougher to deal with, especially with employee owned equipment. Split tunneling is the process of allowing a remote VPN user to access a non-corporate network at the same time that the user is allowed to access the corporate network via the VPN. This method of network access enables the user to access corporate devices, such as a network data share, at the same time as accessing non-corporate network devices, like a home network printer. With split tunneling there is increased risk of exposing company IT assets to external threats and attacks.
The Right Tools Incident response plans often call for the assembly of the incident response team. With those team members possibly being remote, ensure that the tools they need are available where they are working.
You Will See More Count on an increase in attempts by fraudsters to impersonate company executives. Their goal is to trick employees into sending information or wiring funds to less than desirable recipients. It will no longer be as easy as peeking your head through the boss’s door to ask if the email request for all of the W-2 information came from him this morning was legitimate.
Establish Secure Verification Procedures Email addresses, caller ID, and even voice messages face the possibility of being spoofed. When confirming the authenticity of a request, use a different channel than how the request was initiated. If you received an email, call a known number to verify (not a number that came from the email.)
Review Wire Transfer and Other Vulnerable Financial Controls Controls that require actions by multiple people may have to be modified to accommodate the increase in remote workers. Review those procedures to make sure they are remote workforce capable.
The need to
immediately increase remote access capabilities is here, much sooner
than a lot of companies were prepared for. But just as it is not
prudent to take shortcuts to meet a deadline from your boss, now is
not the time to sacrifice security for expedience or convenience. We
have already seen examples of people sharing links to private company
meetings via social media sites, virtually opening the meeting to
anyone who happens upon the link. It is essential that these users
who now have new methods of access, understand and protect that
access. The bad guys are actively looking to prey upon those who are
Risks and Considerations for IT: A Pandemic
What can IT do to prepare?
We all know the stats of the Coronavirus, although they are changing by the minute. We know what to do personally and for our families but what about for our Company?
Many customers do have Business Continuity Plans or Enterprise Risk management plans but do they include plans for a Pandemic such as this?
A few things to consider:
Remote access for employees. Can employees continue their normal work from home? Phones for customer calls? Do you have enough licenses to support large numbers of SSL VPN connections?
Customer & vendor meetings. Many companies have started to stop all onsite meetings to protect their employees. This is where collaboration software is king. Do you have enough licenses for GoToMeetings, Zoom, or others?
Communications plans. (Pre and Post Pandemic) Is there effective means to communicate with employees should the business (or schools) require to close its doors? Email, mobile phones, Teams, etc?
Insurance. Many corporate insurances plans (Business interruption clauses) have Pandemic inclusions…. does yours? Maybe dust it off and know your coverage.
Travel Insurance. Even if your company has not issued a stop on travel many other companies have. Can existing travel plans be changed without forfeiture or fees?
Just a few things to think about for your best practice preparedness plans.
From design to deployment to troubleshooting and everything in between, the friendly experts at SynerComm are always here to help.