Secure Remote Access – 10 Point Checklist

By

Are you looking to enable secure remote access? As businesses continue monitoring the situation surrounding the outbreak of COVID-19 (Coronavirus) and the effect it has on individual organizations moving to a remote workforce, we wanted to share a few security best practices for you to follow to successfully and securely work from home. The following checklist provided by Capital Techies IT Consultants in Washington DC will help reduce exposure to cybercriminals using COVID-19 as an opportunity to exploit businesses looking to implement remote access methods.

There are a variety of methods for remote connectivity, but all options should be well thought out and tested. Please review these best practices for secure remote access below:

  1. Multi-Factor Authentication – All remote access should be secured with MFA (Multi-Factor Authentication) no matter what method of remote access you select.
  2. VPN (Virtual Private Network) Access – While most firewalls are capable of configuring a client VPN to connect a remote machine to the internal network, it should be advised that only corporate-owned machines with the appropriate protection be allowed to use this method. Personal devices should never connect to a corporate network via a VPN. VPN connections should not use a shared account and should be integrated with existing domain infrastructure for authentication.
  3. Remote Desktop Gateway – This solution is installed on a dedicated server that is secured and is published using a valid SSL certificate. All Ports should be limited to the bare essentials, and MFA should be required. Users should only be able to remotely access specific applications or, in some use cases, their individual machines. Security groups should be utilized to limit the scope of users allowed to securely access the system via the Gateway.
  4. 3rd Party Products – Many products enable a user to work remotely (i.e., GoToMyPC), but this should only be used in a limited case. There is often no corporate oversight or controls when using the small business versions of these products and could create long term vulnerabilities into the environment.
  5. Remote Desktop – Should never be open directly to the internet!
  6. Remote Access Policy – You should have a remote access policy to clarify how users can connect and what they are allowed to do.
  7. Public Wi-Fi – Never use public Wi-Fi with a personal or corporate device when accessing corporate resources.
  8. Social Engineering – Have protocols in place for validating requests to send product or money while in a remote operating scenario to eliminate social phishing and engineering attempts.
  9. Communication and Collaboration – Leverage communication platforms like Microsoft Teams to facilitate conversations and meetings (including video).
  10. Logoff/Lock Devices – When your devices are not in use, it is best to log off or lock them even at home, but especially anywhere in public.

Hopefully, this list will prove to be helpful when enabling your work from home access. While these guidelines help minimize exposure to attacks, there other pathways cybercriminals can take to encrypt your data. A variety of Phishing email campaigns, posing as the CDC or local authorities providing health advisories, are also on the rise. Examples of these types of communication can be found on the KnowBe4 website here.

If you need further assistance in establishing secure remote access or telecommuting, please do not hesitate to reach out.


Recent Posts / View All Posts

Presenting in Skype for Business

In-House IT vs Outsourcing IT Services

| No Comments
With so many business functions relying on technology, it is essential that your business’s IT infrastructure stays secure and running efficiently. A major decision for many small to mid-size companies is choosing whether to outsource their IT or employ an in-house IT team. While your first instinct may be to maintain an in-house IT department …
Presenting in Skype for Business

Why Zoom Rooms from Capital Techies in Washington DC

| No Comments
While it’s true you can purchase Zoom Room in Washington DC components online and set up a Zoom Room yourself, there are significant benefits in sourcing your Zoom Room solutions from Capital Techies. A “Capital Techies Certified Zoom Room” installation guarantees that you will be able to fully leverage all the benefits the Zoom platform …
Presenting in Skype for Business

How to Setup a Zoom Video Conference Room In Washington DC

| No Comments
Transform your huddle rooms, conference rooms in Washington DC – or ANY room – into a Zoom Room! Capital Techies based out of Virginia provides Zoom Room set up bundles include everything you need to open up your meeting space to collaboration around the conference table, across town, or around the world. And it all comes complete …