Microsoft Teams empowers employees to interact on the spot with people all over the world. New features like chat, live reactions, and Whiteboard make the Teams meetings experience uniquely modern. Intelligent in-office cameras designed to enhance the presence of people can produce multiple video streams and create unique experiences for both presenters and attendees.

The culture of hybrid work is here to stay, and the innovations Microsoft Teams is making offers employees choice and flexibility—including a new way in Outlook to organize and display your hybrid office hours or join a meeting using companion mode on your mobile device.

Remote Working Pro Tips for 2021

 

New to remote work? There are a lot of processes IT has put in place to make your lives easier and more secure in the office. If you’re transitioning to work from home, our checklist can help you put similar processes in place to make your experience more secure, reliable, and, ultimately, more enjoyable. For more information, see our detailed summaries on the back.

 

1. Take a picture of your computer setup before you unplug and take things to your remote work location—including the cable setup in the back!

At home, your IT team won’t be with you to reconnect everything. A quick picture of where things are plugged and arranged may save you hours of frustration later. And don’t forget to use an approved cleaning agent to wipe things down before you disconnect.

 

2. Install updates.

Particularly if you’re working from a computer you already own but don’t typically use for office work, please check that all updates and patches to Microsoft®, Adobe®, and other critical software applications have been installed. We know, updates take time, and it’s all-too-convenient to click ‘Remind Me Later.’ However, many vulnerabilities exist in out-of-date software and are the perfect entry-point for a hacker. You must protect the data that you are entrusted to access. Keep it safe by ensuring your software is up to date.

 

3. Update antivirus and anti-malware tools, too.

As a follow up to number two, this may sound obvious. These tools are highly valuable and are designed to reduce risk and keep your computer safe from threat actors that want access to your company’s data. However, just like your office tools, it’s easy to postpone those time-consuming updates—ultimately leaving you at risk. If you’re using a home computer for your work and do not have a paid-for antivirus and anti-malware solution, ask your IT team for help installing a licensed, approved corporate security software to use while working remotely.

 

4. Uninstall unnecessary software from your personal computer.

If you are using a personal computer, please uninstall software that isn’t being used by your family. Software that isn’t being used usually isn’t being updated or patched. Those patches prevent hackers from entering through known vulnerabilities. By removing unwanted or unused programs, you have reduced that risk.

 

5. Use the virtual private network (VPN) at all times.

We understand that it’s just one more thing that you need to do before you can work. Think of it as your seatbelt when you get in the car to drive. That extra moment it takes could be the moment that saved your office network from an attack. And don’t forget to re-engage the VPN every time you log on. It’s easy to put your computer to sleep when you walk away to grab lunch, forgetting that you’ ve logged off the VPN.

 

6. Turn off automatic connections on your Wi-Fi.

One easy way for hackers to gain access to your computer is Wi-Fi spoofing. For example, let’s say you routinely connect to ‘Joe’s Wi-Fi,’ so much that to save time, you click the button that says, ‘Connect Automatically.’ A hacker can set up a portal called ‘Joe’s Wi-Fi,’ and your computer may unwittingly connect automatically to that portal because it has been identified as a safe network.

 

7. Separate your network.

When possible, connect your computer to a different network than the rest of your remote location. It may be as simple as using the company VPN to create that secure connection. If you are more technically capable, then separate your company computer from the rest of the computers in your remote work location via a different router or firewall. If your mobile data plan allows for unlimited data, consider using the hot spot on your phone instead of a guest network or your home network.

 

8. Lock your computer.

When you aren’t using your computer, just like at the office, lock the computer to keep family, friends, and maybe even the kids next door from accessing your company data. And while you are thinking about computer use, please remember that your company computer is for business use only. While it might be convenient to check the news or order takeout, please limit personal use and do not allow friends and family to use your work computer. Something as simple as a local restaurant’s takeout menu could end up being a malicious file that exposes your computer to malware.

 

9. Create a different user account for family and/or friends.

If you plan to use your personal computer for remote work, create a separate user profile for you that is different than your other family members or friends. This is a major step towards helping the company meet our cybersecurity objectives.

 

10. Use a password manager.

If your company offers a password manager, please don’t forget to use it to create and store passwords. The goal is to avoid saving passwords in the browser that can be easily swiped. We know sometimes it’s easier to save it in the form or use the same passwords for different sites or forego using multi-factor authentication where it is offered. However, sacrificing the convenience is well worth it to avoid a security incident and loss of data. Oh, and remember that using a spreadsheet to save your passwords isn’t much better than saving them in the browser forms. Avoid that when you can.

 

11. Ask your IT person about securing the DNS settings on your personal computer.

They likely have the software or a tool you can use on your home computer that will help keep you from accidentally going to the wrong places.

 

12. Update your softphone software.

If set up correctly, softphones, like voice over IP (VoIP), can be very convenient. However, if they are not secure, they can be exploited fairly easily by cybercriminals. If you are using a softphone system at home, make sure you are taking active preventative measures to avoid hacking.

 

13. Ensure secure browser confi

Google Chrome extensions can be a hotbed for computer viruses. It’s best not to use them at all. However, at the very least, make sure those you are not using are uninstalled. If you’re not sure how to do this, ask your IT professional.

 

14. Use Mozilla Firefox or Google Chrome as your browser.

Many other browsers can contain vulnerabilities that can open you up to a variety of cyberattacks, ultimately leaving company data exposed. Both Mozilla Firefox and Google Chrome have the most up-to-date security.

 

15. Think twice.

The threat actors, also known as cybercriminals, are looking to take advantage of you when you least expect it. Right now, receiving an email that looks like it came from your boss or CEO with a subject line that reads, “Company Coronavirus Update” may seem normal, but it may not actually be from your company. Take a moment to review who it came from (the actual email address, not the name in the display). Also, question whether this person would typically send you an email like this.

 

16. Don’t be click happy.

Just because there is a link or an attachment does not mean that you need to click. Mouse over the link and see where it wants to take you. Check for the actual spelling of the domain in the area before the .com, .net, .edu, .gov, or .org looking for anything unusual like the characters ‘1’, ‘l,’ or ‘I’ being leveraged as an imposter domain. Another example would be the letters ‘rn’ instead of ‘m’ or ‘vv’ instead of ‘w.’

 

17. When in doubt: See something, say something, ASAP.

You are our firewall, the first line of defense against threat actors trying to invade our network. And while we know you will never click on a fake email, in the event anything odd seems to have happened, we’d rather know about it than ignore it and hope it goes away. If you may have done something that afterward, seemed suspicious, let us know as soon as possible. And if you accidentally did something that later you realized was bad, disconnect your computer from the VPN and network and call us right away.

 

18. Check with your IT team to make sure your data is being backed up!

CyberSecurity essentials to combat the winter blues in 2021 and 2022

 

Blast Zone System Integrator

 

Use this checklist to ensure you’re accounting for privacy concerns, compliance issues, and the policies and procedures critical to maintaining a secure organization and a culture of cybersecurity.

 

   Privacy Program 

01. Internal privacy policy 

Your internal privacy policy should include employee records, email and internet usage, client/customer usage, internal systems and access, mobile devices, laws and regulations, and consequences for violating the policy. Prepare for the need to have a public-facing privacy policy, if you do not already have one.

02. Employee training on the privacy policy

After creating privacy policies, you need to train your staff to ensure they understand the content.

03. Internal policy for data retention

Creating a policy for data retention controls how long your company will retain data. This policy reduces the impact of a data breach and cuts data storage costs.

 

  Security Program

04. Security awareness training of employees and contractors

Use online security training that is tailored to the needs of the organization. Such courses provide employees and contractors with a basic understanding of the potential physical and cybersecurity threats and how to respond.

05. Phishing awareness training

It is recommended to use a service to randomly test users on their ability to identify phishing emails monthly to determine where additional training is needed.

06. Clean desk policy

The adoption of a clean desk policy is designed to allow for the protection of any information and data that may be found at a user’s workstation. With the removal or secure storage of sensitive information when employees or workforce personnel are away from their desks, the MSP organization can ensure that data confidentiality, integrity, and availability may be guaranteed.

07. Visitor program

Having a clearly understood visitor policy and escort program is vital to the security of employees, workforce personnel, clients, physical assets, and important data. The type of visitor policy needed fully depends on your MSP office and workspace’s type, size, and location.

08. Identify digital assets

Conduct at a minimum an annual risk assessment that includes a complete digital asset inventory, known vulnerability report, and an assessment of risk and impact to the business.

09. Multi-Factor Authentication (MFA)

MFA is a preventative method that employs answers to a combination of prompts that involve something you know, something you have, and something you are to authenticate access into a system. These prompts can range from “where did you go to high school” to biometric methods like fingerprints and can combine passwords with technology by using text messages or emails as an additional authentication step. At least two of the three must be used to achieve MFA.

 

   Tools

10. Virtual Private Network (VPN)

A VPN is an encryption-based communication method that connects a remote office or worker to an organization’s private network over a shared or public network. The encryption effectively makes a tunnel within the public network that data can pass through without being read by eavesdroppers.

11. Secure Wi-Fi / wireless networking

Securing Wi-Fi in use at the organization is one vital component that protects data and ensures the security of critical business systems. Ensure these three items are addressed:

  • Change the default admin password on the Wi-Fi router
  • Update the Wi-Fi router firmware
  • Create a guest Wi-Fi network

12. Secure Email Gateway (SEG)

Email is the primary target hackers use to gain access to private company data. Email is often the least secure means of passing data into and within an organization. Modern methods of attacking email systems have grown in sophistication and the targeting of individuals.

13. System auditing

On the firewall solution, ensure that logging is enabled and that the logs are periodically reviewed by assigned staff to identify potential patterns that may indicate a compromise or ongoing attack. Many vendors provide or include a built-in reporting utility for the detailed analysis of information related to the network traffic with their firewall solutions.

14. Configure backup solution

One of the most known and least implemented security controls is data recovery, or specifically data backups. An organization may have many processes and utilities for backing up critical information. Implement a 3-2-1 backup solution.

15. Test backup solution

Regularly test backup restoration procedures. This process involves regularly testing backup media for reliability and testing the recovery procedure to ensure that the process has been verified during a disaster and can be replicated quickly and with minimal errors.

16. Domain Name System (DNS) and content filtering

Use the Domain Name System (DNS) layer to filter content based on IP addresses to control web use and reduce infections by blocking sites known to pose a high risk of containing malware. While most firewalls have this included, once the user leaves the office (remote workforce) they need an agent installed on their laptop or wireless device.

17. Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. Attackers do not work 8 am to 5 pm, so you need 24×365 for effective detection and response.

18. Security Incident and Event Management (SIEM)

Typically include the collection of security-related logs across network devices, the ability to correlate activity across multiple devices, and aids the ability for security analysts to search for and identify potential malicious activity.

 

   System Hardening

19. Clean up all unused programs on all systems

Every program installed on a host endpoint or server operating system is another avenue of potential entrance for a hacker. Removing unnecessary or unneeded programs helps to limit the number of ways into a system. Close unused ports.

20. Use group policies and active directory

It is recommended to clearly define what groups can access and maintain Microsoft Active Directory groups and rules. Occasionally, issues may arise due to simple user error that can open the gateway for a successful cyber-attack.

21. Secure Endpoint configurations

This includes reducing the attack surface, strengthening user account controls, enforcing device firewalls, and implementing secure policies while maintaining reasonable user efficiency.

22. Implement perimeter security

Properly configure and implement firewalls, routers, VPNs, and Intrusion Detection and Prevention systems (IDS/IPS).

23. Patch management plan

A regular part of the security routine should involve the planning, testing, implementing, and auditing patches through an automated patch management software.

24. Monitor and track behavior in cloud apps

Detect abnormal user behavior like impossible travel, unfamiliar sign-in properties, or suspicious inbox manipulation rules within cloud-based apps like Microsoft 365 and Azure AD to prevent attacks like business email compromise and ransomware.

 

   Vulnerability Management and Assessment

25. Define a vulnerability analysis and resolution strategy

Vulnerability management is a crucial component in understanding your organization’s overall risk. Organizations need to understand how vulnerabilities impact the overall weaknesses within your environment.

26. Vulnerability management program

At the core of any vulnerability management program lies the fundamental process of software management. Most vulnerabilities are software “bugs” that can be exploited and possibly compromise confidentiality, information, or availability. As such, an MSP organization should take the time to understand all the software used within their environment.

27. Incident response policy

Policies set the standard of behavior for activities; such examples include:

  • Statement of Management Commitment
  • Purpose and Objectives of the Policy
  • Scope of the Policy
  • Organizational Structure and Definition of Roles, Responsibilities, and Levels of Authority
  • Severity Ratings of Incidents
  • Performance Measures
  • Reporting and Contact Forms

28. Incident response procedures

Procedures are the specific step-by-step instructions to execute individual processes as part of a plan specific to incident response, which is not the same as business continuity or disaster recovery. 

29. Incident response roles and responsibilities

Know the key stakeholders and critical roles within the MSP organization who should care and be involved in a security incident. The responsible stakeholders and roles may change depending on the type of incident and the targeted resources of the organization.

 

Trusted Partner   30. Trusted partners to manage and monitor

Security is a shared responsibility. As attacks have grown in number and sophistication, small businesses no longer have the resources to deal with security issues effectively. In fact, in a recent study*, 59% of SMBs believe that all or the majority of their cybersecurity needs will be outsourced in the next five years. Partnering with Blast Zone Technology provides the confidence and peace of mind that you are working with the best in the industry to secure your organization’s intellectual property and customer database.

 

Security Audit   Free CyberSecurity Audit ~ Book Now

(778) 608-4266

Info@BlastZone.ca