Work from Home – WFH – Are you secured?

Work From Home – WFH. the new Normal for employee and Small, Medium or Large Enterprise. Working From Home is going to be part of the Work culture for quite some time now.

While many businesses switched to Work from home amazingly fast, some businesses took time and some still are figuring out ways to do so.

Employees must work for a business to run and earn. With limited or no access to office resources business and employee find it difficult to work from home. Plus, everyone cannot keep interacting over phone for entire day long nor flood inboxes with emails.

Businesses need to choose right solutions which fits to their needs, budget and is secured.

Security has become a big concern along with the pandemic. Many organizations across globe whether they were small businesses or large enterprises / Government organizations. All faced this issue. Some to a great extent like getting infected by ransomware and had to pay the ransom to get data back and some with data loss or disruption in services.

Work From home has its benefits and flaws.

Some employees enjoy Working from home, while some hate to work from home. But they surely like one thing they don’t have to travel in the crowded trains, buses, and metros in the metro cities to reach office.

Some do feel happy to work while being with family (those you had to leave their city to work in metro’s) but some hate the new culture of working more than 8 hours as they are now accessible 24×7,

Leaving the employee sentiments apart.

I been asking every CIO / CTO / CISO I been meeting since last 1+ year about do they feel their enterprise network is secured?

No one has a confirm answer. Everybody is wishing and hoping their network is safe.

Before these businesses fall prey to malware, Trojan, or ransomware they need to do a thorough security audit of their enterprise network and Endpoints.

Identity theft has become easier for the hackers using Social Engineering has become common. Employees every fall prey to phishing emails and websites mostly because they don’t have any prior security awareness training.

In a nutshell.

Organizations must

Invest in rights tools and application for their employees to continue to work from home.

The solution must be in line with security and enterprise identity management systems. Organizations must implement

• 2FA/MFA (Two / Multi Factor Authentication)
• SSO – Single Sign On.
• Make employee change their passwords often and ensure complex passwords are chosen. Dos and Don’ts when they work from home.
• Employees get basic training about how to identity Phishing emails / websites.

2FA/MFA (Two / Multi factor Authentication)

2FA/MFA sends a authentication code to Email, SMS, WhatsApp, or an Authentication App after the user keys in a correct user id and password.

Only after correct code in entered in the code authentication textbox the user get access to enterprise resources.

This options one step towards ensuring right persons are accessing your enterprise network.

SSO – Single Sign On

Single Sign On / SSO helps organizations to manage enterprise applications easily. Single Sign On is achieved by authenticating Applications, Email, and System Sign on by Active directory services.

Active Directory authentication has a proven security against password hacks and disabling a user in Active directory automatically stops the users access across the entire enterprise applications and network.

Applications can start SSO using authentication protocols like LDAP, OAuth and SAML.

Complex Password

By ensuring employees can only use complex password. Organizations can add one more milestone towards a secured enterprise network. Complex passwords must not only be combination of Numbers, Special Characters and Upper and Lower cases but also include policies like the employees cannot include their first, middle or last name, their date of birth or anniversary to be part of their password.

IT Security Awareness Training

Employees must be given IT security awareness training and must take up assessment to know how much knowledge / awareness they have gained from these training.

By ensuring employees know about Do’s and Don’ts while working in an Enterprise Network while working from home or at office. Businesses add one more security check towards securing their business data and work from home – WFH capabilities.