First of all, 3Nines is considered essential, so we are open and working normal business hours. We do have some employees working from home as do most but we are also here at the our OKC office with business as usual.
With high speed cable internet access available in most metro areas, remote access to your office network is more available than ever. The ability to connect remotely and be satisfied with the result is a function of how fast of a connection you have at home, what router you are using, whether you are connected via wifi or hard wire connected and how much competition for bandwidth do you have with others in your home!
Most residential internet connections have ‘residential’ routers. These devices are meant to be economical to rent to customers from Cox or AT&T. They were never really intended to be great firewalls or protection from all of the bad actors out there. Now that more workers are working from home than ever before, there is more of a need to protect those devices. Security has never been more important. When you think that those devices are connected to the office network and based on their administration rights, may be able to add, delete, change, encrypt or otherwise ruin any proprietary data that may reside on corporate servers, it should scare you. It really should scare you. What do you do about it? If you care about your company data, you’ll protect those devices just like you would do at the office.
You should purchase a ‘commercial’ grade network router / firewall. Commercial grade firewalls can be purchased such as Fortinet, SonicWall, Cisco and others. Then, antivirus software along with software to monitor a users administration rights should be installed. We recommend a combination of software products that monitor and control the access on these machines. Then, you should make sure that the access to corporate resources is done with security in mind and not necessarily the ease of access. Dual factor authentication in some factor is a minimum requirement as well. Passwords need to be strong and changed frequently.
Training employees on phishing techniques is a must. Many break-ins, data theft and ransomware attacks starts with an employee clicking on a link they shouldn’t, opening bogus email or calling a number left on their screen by someone posing to be Microsoft or some help desk member. That is just too easy for a criminal…. don’t let it be one of your own employees that lets them in! And don’t buy gift cards for anyone asking over email…. even if you think it is your boss that is asking. Because it probably isn’t.
Then also make absolutely sure that your corporate data is backed up. That means locally and in the cloud. Having cloud only backup will likely mean in the event you are attacked, get ransomware or simply a hardware failure, it will be DAYS before you are able to get back to work. Large amounts of data don’t download back to your server from the cloud over night…. it usually takes days, which means you wait and wait. And wait. That should be the worst case scenario. Best case, you go back to your local backup which can be restored at network speeds.
If you do it with security in mind first, you can work from home safely with the knowledge that you’ve done all that you can to keep your data safe from the bad guys.