In our last article we spoke about Microsoft’s decision to stop supporting Windows XP on April 8, 2014 and the implications to businesses. A related issue is who you allow to remotely access your network using their home computers. This decision can also have severe consequences if not controlled properly.
Many large companies have strict policies about accessing their network remotely. Most only allow such access from corporate computers (i.e. laptops, etc.) that are managed and tightly locked down. However, many companies, especially Small-to-Medium Businesses (SMBs) aren’t so strict and allow employees to log in remotely using their home computers.
The sad truth is that most home computers are not as secure as their business counterparts. Here’s why:
- Multiple family members may be using the same PC and it is hard to control the websites they visit. For example, many websites sporting free games are conduits for malware and viruses.
- Many home PCs do not have strong anti-virus and anti-malware programs and most are not kept up-to-date.
- Computers can be expensive for individuals. Many home users have old outdated systems with the soon to be unsupported Windows XP Operating System. After April 8, 2014, Windows XP will no longer receive security updates and will be more vulnerable to cyber-attack.
- Strong passwords are the first line of defense against unauthorized access. Many home machines either have very weak passwords (i.e. 1234, etc.) that can be found out in seconds by a hacker or their PCs aren’t password protected at all.
- Many home users turn off the automated Update option because it annoys them when Windows requires a reboot at inopportune times. So, even currently supported operating systems like Vista, Windows 7 and Windows 8 may not be fully patched to close known vulnerabilities.
- There are many convincing scams out there and people have to be very careful. For example, many users fall prey to bogus emails claiming to be from trusted companies like Federal Express stating that a package could not be delivered and asking the user to click on a link to find out the details. Of course, the email is not from Federal Express but from a cyber-criminal intent on unloading a malware or virus infection. Once the user clicks on the link, the cyber-attack commences.
- For convenience, many users have their browsers set to remember logins and passwords when accessing websites. This can pose a problem when accessing corporate cloud-based services. If a hacker gains entry to the workstation or a user inadvertently downloads some malware, those logins can be stolen.
- Users sometimes make the mistake of storing their company passwords on their workstations in unsecure MS Word, Excel or Text files. This is an easy hack for cyber-criminals.
- Many SMBs are too trusting and do not immediately delete access privileges of employees who have left the company leaving systems vulnerable. Those former employees who have access to the company’s network from their home computers can still access information and data.
A compromised home PC that is allowed to remotely access their employer’s systems can serve as a gateway for cyber-criminals to attack company networks, either directly or through malware payloads. SMBs must have policies in place to limit such access and protect themselves from criminal intrusions.
To protect themselves, companies should:
- Ensure that the company’s network is secure including up-to-date firewalls (hardware and software), effective anti-virus and anti-malware programs, and intrusion detection systems to alert IT of attempted unauthorized access.
- Restrict remote access to only those staff members that need it and limit the type of information that each employee can remotely access.
- Require that home computers used to access the company network: are using a supported Operating System (currently Vista, Windows 7, Windows 8), have Windows automated updates enabled, have up-to-date anti-virus and anti-malware programs and an effective software firewall in place.
- Require employees using their home computers to access the company’s network to have their user account protected by a strong password that is not shared with anyone else for any reason.
- Make sure that the user doesn’t store passwords on their computers.
- Immediately remove the remote access privileges of separated employees.
- Only use Virtual Private Network (VPN) software or other remote services that utilize encryption from point-to-point to protect sensitive data in transit.
- Make sure employees know not to set their browsers or other systems to automatically connect to company sites or the network. Always insist that the user manually enter authentication details when accessing company systems.
- Install an ongoing IT Security training program and require employee participation.
- As an added precaution, SMBs should consider placing any home computer used to access their network under the company’s Managed Services Plan (MSP) to ensure that the workstation is properly monitored and maintained to minimize risk.
In today’s world, it is foolish for any executive or business owner to think that just because their company is small, cyber-criminals won’t notice them. The fact is that cyber-criminals know that many SMBs don’t take IT security as seriously as large companies do and therefore are more vulnerable to attack. SMBs are the proverbial “low hanging fruit” for cyber-criminals.
Bottom line: take IT security very seriously. Cyber-criminals are looking for easy exploits. Be very careful when allowing remote access to your network and make sure there are stringent controls in place to protect your company’s information.