The SANS Institute has produced a training kit and additional resources designed to offer organizations, individuals and parents some best practice advice on working from home securely, as the Covid-19 pandemic spreads.
The information security training provider claimed its Security Awareness Work-from-Home Deployment Kit will help to fill knowledge gaps as organizations rapidly transition to new distributed working set-ups.
“For many businesses, managing an entirely remote workforce is completely new, which means they may lack the processes, policies and technologies that enable employees to work from home safely and securely,” it argued. “In addition, many employees may be unfamiliar or uncomfortable with the idea of working from home.”
The home working kit for employers highlights three main risks to remote employees: social engineering, weak passwords and unpatched machines. Other potential challenges to consider include incident detection and response, Wi-Fi security, VPNs, remote workers outside the home and guests/family members who want to use work devices.
It recommends business leaders cooperate closely with their IT security and comms teams to roll-out their remote working strategy, and urges effort be made to create a forum where users can have their questions answered and report incidents, preferably in real-time.
Alongside the deployment guide there’s a factsheet for micro-businesses or sole traders working from home, which outlines five key steps to protect against major cyber-threats.
There are also resources for parents faced with the prospect of children using the internet at home for several weeks whilst schools are closed.
“The key advice is: be suspicious of any emails trying to create a sense of urgency to click on a link or send information; take steps to protect your home Wi-Fi, changing default passwords and restricting access,” SANS director of security awareness, Lance Spitzner, told Infosecurity.
“Also create strong passwords on any websites you use, make sure any device is running the latest software, and don’t let family and friends use work devices.”
Multiple security and tech vendors are stepping in to help businesses that may be struggling to support remote working.
Trend Micro is offering six-months free access to its consumer security product, Trend Micro Maximum Security, while SentinelOne is providing free use of its endpoint security platform until mid-May.
#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity