With many employees suddenly working from home, there are things an organization and employees can do to help remain productive without increasing cybersecurity risk.
While employees in this new remote work situation will be thinking about how to stay in touch with colleagues and coworkers using chat applications, shared documents, and replacing planned meetings with conference calls, they may not be thinking about cyberattacks. Business owners, ED's and admins need to look urgently at new scenarios and new threat vectors as their organizations become a distributed organization overnight, with less time to make detailed plans or run pilots.
Based on our experiences working with customers who have had to pivot to new working environments quickly, I want to share some of those best practices that help ensure the best protection.
What to do in the short—and longer—term
Enabling official chat tools helps employees know where to congregate for work. Whichever software you pick, provision it to users with Azure Active Directory (Azure AD) and set up single-sign-on, and you won’t have to worry about download links getting emailed around, which could lead to users falling for phishing emails.
You can secure access to cloud applications with Azure AD Conditional Access, protecting those sign-ins with security defaults. Remember to look at any policies you have set already, to make sure they don’t block access for users working from home.
Azure AD Application Proxy publishes on-premises apps for remote availability, and if you use a managed gateway, today we support several partner solutions with secure hybrid access for Azure AD.
While many employees have work laptops they use at home, it’s likely organizations will see an increase in the use of personal devices accessing company data. Using Azure AD Conditional Access and Microsoft Intune app protection policies together helps manage and secure corporate data in approved apps on these personal devices, so employees can remain productive.
Intune automatically discovers new devices as users connect with them, prompting them to register the device and sign in with their company credentials. You could manage more device options, like turning on BitLocker or enforcing password length, without interfering with users’ personal data, like family photos; but be sensitive about these changes and make sure there’s a real risk you’re addressing rather than setting policies just because they’re available.
You’ve heard me say it time and again when it comes to multi-factor authentication (MFA): 100 percent of your employees, 100 percent of the time. The single best thing you can do to improve security for employees working from home is to turn on MFA. If you don’t already have processes in place, treat this as an emergency pilot and talk to our Silloway Support Team to implement MFA.
Longer term, I recommend Azure Information Protection to find and label the most critical data so you can track and audit usage when employees work from home. We must not assume that all networks are secure, or that all employees are in fact working from home when working remotely.
Track your Microsoft Secure Score to see how remote working affects your compliance and risk surface. Use Microsoft Defender Advanced Threat Protection (ATP) to look for attackers masquerading as employees working from home.
How to help employees
As more organizations adapt to remote work options, supporting employees will require more than just providing tools and enforcing policies. It will be a combination of tools, transparency, and timeliness.
Remote workers have access to data, information, and your network. This increases the temptation for bad actors. Warn your employees to expect more phishing attempts, including targeted spear phishing aimed at high profile credentials. Now is a good time to be diligent, so watch out for urgent requests that break company policy, use emotive language and have details that are slightly wrong—and provide guidance on where to report those suspicious messages.
Establishing a clear communications policy helps employees recognize official messages. For example, video is harder to spoof than email: an official channel like Microsoft Stream could reduce the chance of phishing while making people feel connected. Streaming videos they can view at a convenient time will also help employees juggling personal responsibilities, like school closures or travel schedule changes.
Transparency is key. Some of our most successful customers are also some of our most transparent ones. Employee trust is built on transparency. By providing clear and basic information, including how to protect their devices, will help you and employees stay ahead of threats.
For example, help employees understand why downloading and using consumer or free VPNs is a bad idea. These connections can extract sensitive information from your network without employees realizing. Instead, offer guidance on how to leverage your VPN and how it’s routed through a secure VPN connection.
Employees need a basic understanding of conditional access policies and what their devices need to connect to the corporate network, like up-to-date anti-malware protection. This way employees understand if their access is blocked and how to get the support they need.
Working from home doesn’t mean being isolated. Reassure employees they can be social, stay in touch with colleagues, and still help keep the business secure.
The "Crash Course in Microsoft Teams" eBook helps you to discover how to quickly start using Microsoft Teams to communicate instantly with chat, online meetings, calls, and more. The eBook also explains how to set up meetings with file sharing, recording, and transcription; co-edit documents in real time; and collaborate with people inside and outside the organization. For more information on Microsoft Teams, Contact us today.
How do you maintain easy collaboration, save costs, pull talent from everywhere, and provide employees with the flexibility to work where and when they want?
Some employers are adopting SaaS platforms and the cloud to facilitate remote work safely and simply. Tools like Microsoft 365 and Teams are invaluable assets to a modern agile workplace. But adoption requires planning to execute. With experts from Silloway Networks at your side you'll be ready for the modern workplace, and so will your employees.
Welcome to Microsoft Teams
Microsoft Teams is a collaboration app that helps you and your staff stay organized and have conversations—all in one place. Watch "Welcome to Teams" to see how Microsoft Teams helps you achieve more together. To learn more about how Teams can improve collaboration for your organization, contact us today.
The Coronavirus outbreak continues to evolve and we have been closely monitoring the situation. Our Support Team wants to let you know about the steps we are taking to support your business to limit the impact the virus may have on your organization's technology and employees productivity.
Hours of Operation
Our offices will remain open for the foreseeable future. Should it become necessary for us to close our office Silloway Networks employees are fully equipped and able to work remotely to provide you with uninterrupted service.
Service and Support
We are committed to providing our clients with the same levels of support through this ongoing event. Please be patient as we expect higher than normal call and support request volume.
Hardware Purchases (laptops/desktops/monitors)
We have seen delays in the procurement of new equipment from our vendors with delivery times at two to three weeks. These lead times may increase as many companies implement work from home plans.
We will be suspending all onsite support beginning Wednesday, March 18. Most of our client support is performed remotely. We do not anticipate this will impact our service level for our clients. Onsite requests for emergency support will be handled on a case by case basis.
Silloway Networks will be providing updates to keep you informed of any additional delays. We are dedicated to minimizing the impact this event has on your business. Should you have any questions or concerns, please contact us at 802 282-4255 or email firstname.lastname@example.org
Microsoft Dynamics 365 Business Central offers the unique ability to run all aspects of a business through a single, customizable system. For Kelly Roofing, this means a platform that can grow with them, allowing them to provide the best possible service to their customers at all times.
Original release date: September 10, 2018
When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack. However, you can restrict outside access to your computer—and the information on it—with a firewall.
What do firewalls do?
Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary network traffic. Firewalls can also prevent malicious software from accessing a computer or network via the internet. Firewalls can be configured to block data from certain locations (i.e., computer network addresses), applications, or ports while allowing relevant and necessary data through.
What type of firewall is best?
Categories of firewalls include hardware and software. While both have advantages and disadvantages, the decision to use a firewall is more important than deciding which type you use.
Most commercially available firewall products, both hardware and software based, come pre-configured and ready to use. Since each firewall is different, you will need to read and understand the documentation that comes with it to determine whether the default firewall settings are sufficient for your needs. This is particularly concerning because the “default” configuration is typically less restrictive, which could make your firewall more susceptible to compromise. Alerts about current malicious activity sometimes include information about restrictions you can implement through your firewall.
Though properly configured firewalls may effectively block some attacks, do not be lulled into a false sense of security. Firewalls do not guarantee that your computer will not be attacked. Firewalls primarily help protect against malicious traffic, not against malicious programs (i.e., malware), and may not protect you if you accidentally install or run malware on your computer. However, using a firewall in conjunction with other protective measures (e.g., anti-virus software and safe computing practices) will strengthen your resistance to attacks.
Ask us about our Sophos XG Firewall
This product is provided subject to this Notification and this Privacy & Use policy.
What is enterprise network security?
Enterprise network security is the protection of a network that connects systems, mainframes, and devices―like smartphones and tablets―within an enterprise. Companies, universities, governments, and other entities use enterprise networks to help connect their users to information and people. As networks grow in size and complexity, security concerns also increase.
What security threats do enterprise wireless networks face?
Unlike wired networks, which have robust security tools—such as firewalls, intrusion prevention systems, content filters, and antivirus and anti-malware detection programs—wireless networks (also called Wi-Fi) provide wireless access points that can be susceptible to infiltration. Because they may lack the same protections as wired networks, wireless networks and devices can fall victim to a variety of attacks designed to gain access to an enterprise network. An attacker could gain access to an organization’s network through a wireless access point to conduct malicious activities—including packet sniffing, creating rouge access points, password theft, and man-in-the-middle attacks. These attacks could hinder network connectivity, slow processes, or even crash the organization’s system. (See Securing Wireless Networks for more information on threats to wireless networks.)
How can you minimize the risks to enterprise Wi-Fi networks?
Network security protocols have advanced to offset the constant evolution of attacks. Wi-Fi Protected Access 2 (WPA2) incorporates Advanced Encryption Standard (AES) and is the standard employed today to secure wireless enterprises. In June 2018, the Wi-Fi Alliance began certifying devices that support Wi-Fi Protected Access 3 (WPA3), which replaces WPA2. Users should employ the new standards as WPA3 devices become available. IT security professionals and network administrators should also consider these additional best practices to help safeguard their enterprise Wi-Fi networks:
Employing active WIDS/WIPS enables network administrators to create and enforce wireless security by monitoring, detecting, and mitigating potential risks. Both WIDS and WIPS will detect and automatically disconnect unauthorized devices. WIDS provides the ability to automatically monitor and detect the presence of any unauthorized, rogue access points, while WIPS deploys countermeasures to identified threats. Some common threats mitigated by WIPS are rogue access points, misconfigured access points, client misassociation, unauthorized association, man-in-the-middle attacks, ad-hoc networks, Media Access Control spoofing, honeypot/evil twin attacks, and denial-of-service attacks.
The following list includes best practices to secure WIDS/WIPS sensor networks. Administrators should tailor these practices based on local considerations and applicable compliance requirements. For more in-depth guidance, see A Guide to Securing Networks for Wi-Fi (IEEE 802.11 Family).
The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against a fraud that uses Facebook’s texting app—Facebook Messenger. Scammers send messages that appear to be from trusted sources or trick users into clicking on malicious links or sharing personal information. Before clicking on links, users should verify the validity of the message with the sender outside of the app.
Talk to us about a security assessment!
What is a social engineering attack?
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization's network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.
What is a phishing attack?
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as
HP Notebook Computer and Mobile Workstation Battery Safety Recall and Replacement Program
In January 2018, in cooperation with various government regulatory agencies, HP announced a worldwide voluntary safety recall and replacement program for certain notebook computer and mobile workstation batteries. These batteries have the potential to overheat, posing a fire and burn hazard to customers. For this reason, it is extremely important to check whether your battery is affected.
Batteries affected by this program were shipped with specific HP Probook 64x (G2 and G3), HP ProBook 65x (G2 and G3), HP x360 310 G2, HP ENVY m6, HP Pavilion x360, HP 11 notebook computers and HP ZBook (17 G3, 17 G4, and Studio G3) mobile workstations sold worldwide from December 2015 through December 2017. They were also sold as accessories or provided as replacements through HP or an authorized HP Service Provider.
Many of these batteries are internal to the system, which means they are not customer replaceable. HP is providing battery replacement services by an authorized technician at no cost. HP is also providing a BIOS update that places the battery in "Battery Safety Mode" so that the notebook or workstation can be safely used without the battery by connecting to an HP power adapter. Batteries affected by this recall should immediately be put into "Battery Safety Mode".
Battery Safety Mode is only applicable to HP products affected by this recall. If the validation process identifies a battery as being eligible for replacement, the BIOS update should be applied and the system should be rebooted. During the reboot process, an option will be presented to enable Battery Safety Mode. Accepting Battery Safety Mode causes the battery to discharge and to cease future charging until Battery Safety Mode is disabled. HP strongly recommends accepting Battery Safety Mode so that the notebook or mobile workstation can be safely used by connecting to an HP power adapter. For more information please refer to the FAQs tab on the HP website.
HP’s primary concern is for the safety of our customers. HP is pro-actively notifying customers, and will provide replacement battery services for each verified, eligible battery, at no cost. For customers with 5 or more potentially affected batteries, HP has put in place a process to assist with validation and ordering . For details please refer to the FAQs tab on this website.
Note: Not all batteries in all HP ProBook 64x and 65x, HP x360 310 G2, HP ENVY, HP Pavilion x360, HP 11 notebooks and HP Zbook mobile workstations are affected by this recall.
The HP Battery Program Validation Utility will check if the battery in your notebook computer is affected. Validation using the utility generally takes less than 30 seconds
Download the HP Battery Program Validation Utility
What do I do if my battery is validated?
HP will send you a free replacement battery for each verified, affected battery validated on the HP Battery Recall website. Refer to the instructions included with the new battery for information on what to do with the recalled battery.
Silloway Support Team
Call today - 802 282-4255
Silloway Networks offers Enterprise level support to Small and Medium Businesses in Rutland, Addison, Windsor and Bennington Counties. Employing highly-skilled technicians and developing partnerships with best-of-breed technology providers allows Silloway Networks to provide personalized technology solutions to enhance the operation of your business.
Website by Silloway Networks