cloud service data security concept: computer, tablet, phone, hard drive connected to the cloud made of white paper clips and check-lock on it
Evans Consulting Services has spent the last few months taking a deep-dive approach to identifying and providing valuable insights about the importance of digital connections in the age of COVID-19. Recently, we evaluated digital communication tools in a free white paper and highlighted the importance of internet connectivity at the office and at home.
As the remote workforce fluctuates during these unusual times, IT leaders must be equipped to not only provide stable and reliable connections, but also to secure these connections. When a hacking incident occurs the impact to a business can be substantial – resulting in lost time, loss of data, and potentially loss of capital to address ransomware situations.
The Evolution of Cyber Security
One of the great benefits in todays’ digital age is that high speed Internet connections are available in many forms. However, with greater access to high-speed Internet we also have the consequence of more bad actors and attacks. In 2018, the US Government commissioned a study to examine the effect of hacking and malware on the economy and determined that over $100 billion is lost annually to combat bad actors*. This trend is only getting worse, especially with COVID-19 forcing millions to work remotely.
*Source – Whitehouse.gov
What is significant beyond the sheer cost of security threats, the sophistication of hacking attempts has become very scary and real. The multitude of attack points across an organization extend from email phishing to socially engineered schemes to get password and / or financial information. The importance for everyone in your organization to get educated so that they understand these types of attacks is paramount. This extends across all devices employees may be using – Mac, Windows, Android, cell phone, laptop, or any other smart device.
In this Cyber Security Education Series, we are going to present key topics for IT leaders to consider. Each topic is designed to help you build a critical understanding of both the risks that your organization faces and the steps you can take to mitigate those risks.
Security Starts at Home
The best place to start your security planning is at home. As mentioned, with employees forced to rely on personal Internet connections to access enterprise tools, you must begin by securing your connection from the home to the enterprise. To accomplish this, consider the following techniques:
- Using a Firewall at home
- Connecting to networks securely using a VPN
- Using a backup connection securely
Is your organization securing its remote workforce?
Your First Line of Defense: The Firewall
For any network large or small, a firewall is usually your first line of defense for outside intrusion. Firewalls can be used to monitor and prevent unwanted intruders from accessing your network. In addition, a firewall can prevent malicious software and tracking bugs to be installed on your devices within the network. This functionality works based on securing specific ports for both inbound and outbound transmission of data from your router.
There are two primary types of firewall systems available for at home employees – hardware and software based. Although most operating systems have software firewalls built-in, we recommend a hardware-based solution. When you setup a physical Firewall you will protect your whole network instead of just one device.
While both options are better than zero protection but having a physical hardware device is the best practice for fully securing an at home network. Depending on your network sophistication and your employer’s policies, employee firewalls at home can be connected to corporate networks using Virtual Private Tunneling methods.
The Security of Virtual Private Networks (VPN)
A virtual private network is a secured connection between two networks (or computers) transmitted over the public Internet. A VPN works by encrypting the data packets transmitted across the Internet so that it is much more difficult to be intercepted and decoded. This process, also known as encapsulation, has evolved over the years with modern VPN connections utilizing several standards including SSL, SHA, and TLS, among others. You are likely familiar with a basic form of VPN utilized on ecommerce sites where an SSL certificate is used to encrypt financial data when you checkout and make an online purchase.
There are many options available to setup a VPN. There are subscription options available for software that can be installed on routers, firewalls, and end devices. Home users can purchase these products (such as Express VPN) that allows them to secure end devices as well as the entire network by simply purchasing a subscription.
Depending on your role or job function either a dial-up VPN connection can be made available or a Point-to-Point VPN connection that is always on. Please contact your IT department to see what is available. If your organization needs help determining the optimized configuration, our team at Evans Consulting Services is always available to help.
The final element to consider when selecting the appropriate VPN and encryption technology is the types of data your organization transmits. The more sensitive the data, the more secure your solution needs to be. For example, if you are dealing with Personally Identifiable Information (PII), Financial Data, HIPPA or Government Data, you will likely have specific regulatory requirements for the level of encryption needed. In addition, Executive and Leadership internal data is critically important to secure.
The Gap in Most Implementations: What happens when your Internet goes down?
So, you have setup a firewall and configured a VPN to securely connect to the business, but what happens when your Internet does down? No matter how secure your connections are setup, if an employee’s connection goes down one quick solution an employee can use is a data hotspot from their cell phone. At first look, this could be considered a big security risk because these hotspots out of the box are not protected. Using a VPN connection as suggested previously in this article, you can secure your hotspot connection. Likewise, your employer may have enterprise VPN software that can be installed on your phone or other LTE device.
Depending on your role in the organization, you may require a more robust backup solution. One option is your organization can provide a dedicated SD-WAN service that relies on software to automatically fail-over to another connection. There are hardware dependencies for this type of configuration, and this is not always feasible for at home workers. Contact Evans Consulting Services if you need further assistance or guidance in setting up these advanced configurations.
Take the Next Step
If your workforce is at home, you must start with a detailed assessment of the security configurations they will need. By configuring a firewall, dedicated VPN and having a backup plan, your organization will be well on its way to securing your virtual workforce.
If your organization is struggling to secure its remote workers, Evans Consulting Services has the expertise to help. We offer all new clients a free consultation and assessment of their Security Plan and Implementation. Contact our team today to learn more about how our services can benefit your organization.
Stay Tuned
Part 2 of our Cyber Security Education Series will move from at home security to focus on the connectivity to your business systems.
About the Author
I created Evans Consulting Services after running another start up business with partners. We ran the business like a corporation. Over the years, I have learned that entrepreneurship was a unique challenge. I learned that each member of a small organization is extremely important and must carry their own weight, earn their compensation and produce results. The negative impact of sub-par performance is devastating and cannot be sustained by an emerging business.
I’ve been in business as an entrepreneur for 22 years. Through ECS, we have continually demonstrated the ability to successfully partner with a variety of entities. ECS is a team player. For example, ECS entered a joint venture with Albert Kahn Associates, a 100+ old architectural firm, on a million-dollar project to design and install the cabling infrastructure for Motor City Casino Hotel. We also have maintained a managed contract customer relationship with KIRCO Management Services LLC, a multi million-dollar development, property management, and construction company that has grown nationally over the last 19 years. KIRCO is our flagship, cornerstone customer since 2001. In the future, our relationship will continue to strengthen as both companies grow.