Services
Managed Cybersecurity
SOC as a Service
Vulnerability Management
Intrusion Detection
Cloud Security Monitoring
Cybersecurity Talent Acquisition
Cybersecurity Consulting
Packages
One Stop SOC
Start-up SOC
MSP Protect
MSSP Accelerator
MSP Select
Reporting
Partners
Partner with inSOC
N-able TAP
Resources
Blog
Webinars and Podcasts
Case Studies
eBooks
SOC Price Calculator
Contact
SOC Calculator

COVID-19 Security Action Plan

By inSOCIn CybersecurityPosted
COVID-19 cybersecurity

10 essential tips for secure remote working 

With COVID-19 causing disruption worldwide, many of our MSP partners have reached out to ask us for support securing their clients as they move to remote working. We’ve compiled this top ten list of essential steps that you need to take to keep your staff and customers safe.

Level 1 – essential first steps

  1. Enforce Multi-Factor Authentication (MFA)
    1. Use simple remote access technologies like SSL VPN and LogMeIn Pro that require MFA
    2. Don’t bypass MFA to ‘save time’
    3. Don’t allow direct access through to a Remote Desktop server or computer without requiring a VPN and MFA
    4. Shut down all open Remote Desktop ports on the firewall
  2. Restrict remote access to a limited geography
    1. Identify where your customers’ employees need to work remotely from
    2. Only allow remote access from those local geographies
  3. Standardize on a remote access technology
    1. Only allow one or two remote access technologies
    2. Make sure your team knows what is authorized
    3. Remind your customers to beware of cybercriminals sending fake emails from ‘IT’ with fake links to log in remotely
  4. Know who logged in from where
    1. Audit the remote access logs on at least a weekly basis
    2. Look for and investigate remote access during strange times of the day or from foreign geographic locations
  5. Alert on failed login attempts
    1. Be aware that cybercriminals have increased their brute force attacks on insecure remote access technologies
    2. Know who is trying to break in and take preventative actions to lock them out


    6. Level 2 – sensible next steps

  6. Disable local file sharing from personal assets (i.e. employee owned devices)
    1. Don’t allow users to transfer documents to their own personal assets
    2. Documents from personal assets could be infected with malware and ransomware
  7. Remind your customers – don’t click on email links!
    1. Avoid clicking on all email links, even from known senders unless you verify offline with the sender that it was sent from them and is safe
    2. Instead of clicking on a link in an email, open a new browser window and navigate directly to the site without copying and pasting the link
  8. Harden Windows operating systems and Office 365
    1. Make sure that all Windows operating systems have been hardened
    2. Once hardened, use test ransomware to prove all systems are protected against ransomware
  9. Close remote access vulnerabilities
    1. Know which vulnerabilities are exposed on firewalls, servers and Office 365
    2. Cybercriminals will be heavily attacking all exposed vulnerabilities for the next several months so don’t give them the opportunity to target you or your clients
  10. Prove backups are safe and working
    1. Ensure that all data (including cloud data) is backed up to at least one segregated environment in a different cloud or on a different network that isn’t connected through a VPN or direct network connection
    2. Perform a test recovery of the organization’s key systems
    3. Document how long the restore process takes
    4. Prioritize each system so you know which to recover first

Want to drill down further and get first-hand advice on how to implement these crucial steps?

Then join us this Friday 20th March at 11am Eastern Time (ET) for our special COVID-19 Security Action Plan webinar to find out how.

Register now!

inSOC

inSOC