Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, urged organizations in Malaysia to be extra vigilant while transitioning staff along with their access to data and networked resources to work from a more isolated environment during the mandatory Movement Control Period (MCO) imposed until 14 April 2020.
Organizations are reminded that cybercriminals are well prepared to exploit any weaknesses and security gaps throughout this critical period. Unprepared users and unsecured systems can quickly become conduits for malware and malicious activity. Since time is of the essence, security must be an integral element of any teleworker strategy.
“Transitioning administrative staff, technical support teams, HR, marketing departments, and other workers who traditionally work from a physical office – along with access to their data and networked resources – to alternate work sites such as their homes can be a daunting task. In addition to networking considerations, organizations should be aware that cybercriminals are prepared to exploit the weaknesses and security gaps that often arise during such events,” said Alex Loh, Fortinet’s Country Manager for Malaysia.
Fortinet outlines Top Six Critical Steps for businesses to take during this transitional period in fortifying their cyber security capabilities:
Meeting Minimum Remote Workforce Requirements
Every employee working from home requires access to email, internet, teleconferencing, limited file sharing, and function-specific capabilities from their work site. They also require access to Software-as-a-Service (SaaS) applications in the cloud.
- Provide VPN and Endpoint Security
Make sure all users have a laptop loaded with all the essential applications they need to do their job. Ensure that laptop also includes a pre-configured client to provide VPN connectivity to corporate headquarters.
- Implement Multifactor Authentication
Multifactor authentication helps prevent cybercriminals from using stolen passwords to access networked resources. To enable more secure access, every user working from home needs to also be provided with a secure authentication token. These tokens can be a physical device (such as a key fob), or software-based (like a phone app), and are used when making a VPN connection or logging into the network to provide an additional layer of identity validation.
Advanced Requirements
Some remote users such as systems administrators, support technicians, emergency personnel, and executive management teams need advanced access to network resources to access and process extremely sensitive and confidential information or operate in multiple, parallel IT environments.
- Ensure Persistent Connectivity
Pre-configured wireless access points enable secure connectivity from a user’s remote location to the corporate network through a reliable, secure tunnel. For a more secure connection, a wireless access point can be combined with a desktop-based next-generation firewall to enable persistent connections, advanced admission control, and a full spectrum of advanced security services, including Data Loss Prevention.
- Secure Telephony
These users also require a telephony solution that supports voice over IP (VoIP) to ensure secure communications. Both physical and soft client models are available that enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory.
- Implement User and Device Authentication
A central authentication service connected to the network’s active directory, LDAP, and Radius enables remote workers to securely connect to network services at scale. This solution should also support single sign-on services, certificate management, and guest management.
- Establish Advanced Perimeter Security
An NGFW solution needs to securely terminate VPN connections, provide advanced threat protection – including the analysis of malware and other suspicious content within a sandboxed environment before it reaches its destination, and high-performance inspection of clear-text and encrypted traffic to eliminate malware and malicious traffic. Scalability for this function is especially critical, as the inspection of encrypted data is extremely processor-intensive. Without advanced security processors designed to inspect high volumes of encrypted traffic, NGFW solutions can quickly become a bottleneck that can impact teleworker productivity.
“Business continuity and disaster recovery programs require a teleworker strategy that can support a remote workforce with little or no notice, without compromising network security,” explained Loh.
“These business continuity solutions also need to be easily deployable and configurable to enable a quick transition to a remote workforce; while maintaining full security visibility and control regardless of their deployment environment. This ensures that your organization can quickly respond to critical events with minimal impact on productivity and profitability,” concluded Loh.