Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, urged organisations in Malaysia to be extra vigilant while transitioning staff along with their access to data and networked resources to work from a more isolated environment during the mandatory Movement Control Period (MCO) imposed until 31 March 2020.
During this critical period, organisations are reminded that cybercriminals are well prepared to exploit any weaknesses and security gaps. Unprepared users and unsecured systems can quickly become conduits for malware and malicious activity. Security must be an integral element of any teleworker strategy, since time is of the essence.
“Transitioning administrative staff, technical support teams, HR, marketing departments, and other workers who traditionally work from a physical office – along with access to their data and networked resources – to alternate work sites such as their homes can be a daunting task. In addition to networking considerations, organizations should be aware that cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events,” said Alex Loh, Fortinet’s Country Manager for Malaysia.
Fortinet outlines Top Six Critical Steps for businesses to take during this transitional period in fortifying their cyber security capabilities:
Meeting Minimum Remote Workforce Requirements
Every employee working from home requires access to email, internet, teleconferencing, limited file sharing, and function-specific capabilities from their work site. They also require access to Software-as-a-Service (SaaS) applications in the cloud.
Provide VPN and Endpoint Security
Make sure all users have a laptop loaded with all the essential applications they need to do their job. Make sure that laptop also includes a pre-configured client to provide VPN connectivity to corporate headquarters.
Implement Multifactor Authentication
Multifactor authentication helps prevent cybercriminals from using stolen passwords to access networked resources. Every user needs to also be provided with a secure authentication token in order to enable more secure access. These tokens can be a physical device (such as a key fob), or software-based (like a phone app), and are used when making a VPN connection or logging into the network to provide an additional layer of identity validation.
Some remote users such as systems administrators, support technicians, emergency personnel, and executive management teams need advanced access to network resources to access and process extremely sensitive and confidential information or operate in multiple, parallel IT environments.
Ensure Persistent Connectivity
Pre-configured wireless access points enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. A wireless access point can be combined with a desktop-based next-generation firewall for a more secure connection to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including Data Loss Prevention.
These users also require a telephony solution that supports voice over IP (VoIP) to ensure secure communications. Both physical and soft client models are available that enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory.
Implement User and Device Authentication
A central authentication service connected to the network’s active directory, LDAP, and Radius enables remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.
Establish Advanced Perimeter Security
An NGFW solution needs to securely terminate VPN connections, provide advanced threat protection – including the analysis of malware and other suspicious content within a sandboxed environment before it reaches its destination, and high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. Scalability for this function is especially critical, as the inspection of encrypted data is extremely processor-intensive. NGFW solutions can quickly become a bottleneck that can impact teleworker productivity without advanced security processors that are designed to inspect high volumes of encrypted traffic.
“Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security,” explained Loh.
“These business continuity solutions also need to be easily deployable and configurable to enable a quick transition to a remote workforce; while maintaining full security visibility and control regardless of their deployment environment. This ensures that your organization can quickly respond to critical events with minimal impact on productivity and profitability,” concluded Loh.