Optrics Insider – Top 3 Work from Home IT Security Issues

We wanted to bring in and talk to Shaun Sturby, our Technical Services Manager, who is the one on the street who is talking to our clients and keeping an eye on how things are going out there in the networking world and share Top Three things that IT Managers and IT Directors should be thinking about.

Scott:

Before we do that why don’t you introduce yourself Shaun and and to talk about some of your experience so far in your IT career.

Shaun:

Thanks for the intro Scott. I have been the Manager of Technical Services here at Optrics for the last 20 years or so. I started in the IT industry in the sort of early 90s. Novell, NetWare networks and back when this “Internet thing” was just starting out in the last 20 years or so it’s been just at Optrics focusing on security solutions and dealing with our clients and all of their unique requirements.

Scott:

Perfect and for those of you who are our clients this is the guy you probably talk to when getting a demo or professional services whether it be implementation or training on one of the solutions you purchases from us so today you get to see him live in person. Thank you for that Shaun. Let’s go to the Top Three what let’s go through some things here first thing is keeping your staff working from home safe so let’s talk about that.

Shaun:

Yeah sure so a lot of people when the this idea of working from home came along they had to set up whatever they had so if it was a home computer that the person had all of a sudden now it’s got a connection back to the office and is being used to do everything that they had done as if they were in the office. However, this is not a corporate managed device so we’ve got to keep her end-users safe we gotta remind them that if they’re the IT person for their own home computer to make sure that it is up-to-date, that there’s a good antivirus solution in place and that that all of the products or software that’s on it is up to date and not exploitable versions. Now if they can’t do that you might want to add them into whatever local management tool you are using so that you can now get a visibility into whether or not they are up-to-date or after running a ancient Windows XP version of Windows and no antivirus.

Scott:

Well the other thing to keep in mind to Shaun is that as organizations are changing how they do things especially with using collaboration tools or webinar tools or web conferencing tools is not everybody is trained up on using them. So just keep in mind that you could have a pocket of users depending on the size of the organization who aren’t super comfortable with it and so it’s worth perhaps even doing a poll not just from a security perspective but from a training perspective making sure that everybody is up to snuff.

Shaun:

Another thing that I’ve recommended is if they can make a change to the their DNS settings to use some of the family friendly DNS services out there that are going to automatically block then going out to known malware sites.

Scott:

Such as OpenDNS …

Shaun:

There’s OpenDNS and for Canadian clients CIRA has recently come up with a service again free for home users so very easy to set up, very simple and it’s just another layer of protection.

Scott:

Speaking of protection let’s talk about not only keeping our staff working from home safely but now also making sure that your own network is safe and you had some thoughts on that as well.

Shaun:

Correct yes. So to do this work from home a lot of companies are being setting up VPN connections, which are great others might just be enabling Remote Desktop Protocol into their network. The Internet is telling us that there’s a lot of scanning for these open networks so or open RDP connections so instead of opening them wide to the entire Internet. If you have to open it up VPN would be a better solution but you can always do some geofencing if all of your end-users are in North America why open up your firewall rule to the entire Internet maybe restrict it or if you can go the next step if you can you survey your end users and get their IP addresses, which could be as simple as you know sending them a link saying what IP address they have on their home computer. They can do a screenshot or do a copy and paste for that send it back to IT and now you can limit it so that only if they’re coming from their home IP address are they allowed into your network.

Scott:

That’s a great point and something that’s definitely worth looking into.

The final thing that we wanted to discuss for the pros and cons of working from home is it necessarily a bad thing, in some cases it could be more efficient. Now from what I’m hearing is there’s lots of organizations who had already, that’s just the way they work and so this is nothing new for them and so long as you’re already set up in a “distraction-free environment” you have a home office it certainly works better, Easier commutes in the morning and at lunch provides lots of flexibility, but I think the big thing here is a having a distraction free zone. What are some things that you’re seeing and that in that regard?

Shaun:

Yeah being able to set up a space that is this is work and explaining that to your family. When I’m in this room or when I’m at this desk this is at work and also being a little flexible so I’ve seen lots of people because of kids now at home where if both parents are also working from home that maybe they shift their schedules a little bit where one parent will take care of the kids in the morning and then do all of their work you know noon on and that way they can if there’s the flexibility in their work are able to still maintain their family environment, but also be efficient as far as working.

Scott:

orange coneNow another thing I know we’ve implemented here at the office we’re in an open environment is just to have a symbol of when you should not be disturbed like you’re in focused time or client time, and I too bad I don’t have one here, but have something like “orange cone time” and that’s not something I came up with I saw it somewhere else but some symbol that says if the door is closed or whatever that says to the rest of your family when this happens I absolutely can’t be disturbed unless the house is burning down.

Shaun:

Like TV or radio station on air sign yeah as simple as a little piece of paper or sticky note on the door I’m busy.

Scott:

Yeah do not disturb. What are some tools that you recommend that people look at right now to make sure that that their staff for working home safely that their their network is safe and also making sure that their staff are working efficiently anything come to mind?

Shaun:

Well we already mentioned using some family friendly DNS services on their home PCs so that they can if they go out to the web or if somebody sends them a link that leads to a malicious site that they even if they accidentally click on it they might not actually go out to it. Some training and education on phishing the scams that are going out right now. The malware writers and scammers are ramping up their efforts especially trying to do the spear phishing where they claim to be the CEO and they’re oh we just want to thank all of our users from working at home. Can you please run out and get me or buy online a hundred of these iTunes cards so we can send them out to every one of our users? You’re going to use your own credit card for this, but will reimburse you once this is over and so that’s happening a lot more and then you know I talked about it’s the and users or the home PCs that they’re using. You might actually have to increase your antivirus and/or management tool account so that you can bring those into the fold might not be exactly the same you don’t apply all the same rules but at the very least you make sure that they have an updated antivirus and it can at least see the status of their software patching using a tool like say the ManageEngine Desktop Central if it’s properly set up it can reach out to PCs outside and we’re finding a lot of our clients are using tools like that to make sure that the home users and their PCs are kept up-to-date.

Scott:

For the fishing training and ansi fishing fishing training and simulation KnowBe4 is the product that we recommend and certainly we can talk to about that Desktop Central is a ManageEngine product and we’d love to talk to about that. On the antivirus side of things one thing to consider is in perhaps Shaun you have a comment on this is that a lot of the the antivirus vendors out there for whatever using you’re using internally for your corporate environment, they might also have a deal on providing home user versions of the same thing .

Shaun:

Yeah they are doing that and they are also making a three or six months subscription available at no charge.

Scott:

It would be worth making sure that everybody is on a common platform and I’m sure as an IT person trying to patch 50 different types of antivirus that’s just a great way to go so having everybody on the same thing and making sure that it’s done correctly is a is a good thing.

Great well any final closing comments Shaun or do you think we’ve got it well covered off?

Shaun:

I think we’ve got it well covered off thanks for the discussion Scott.

Scott:

Yeah no problem and I look forward to doing them again.

So hopefully everyone we’ve provided some good tips and food for thought, stay safe out there and we’ll chat again bye for now.

About the Author: Shannon Lewis

Leave a Reply

%d bloggers like this: