In a previous article, we spoke about connecting to your Exchange environment remotely using various tools. In this article, we will discuss how you need to protect your sessions while you are working from home remotely. Everyone at home has their own personal space and computers and, on this network, you can do anything. What I mean by anything is that you are not locked down like in the office where they restrict access to streaming sites, adult sites, torrent sites, and more.
Safe at home? Maybe not
Now that you are working from home remotely, you are potentially introducing risk to your work environment. You may ask how? Well, that movie torrent you downloaded or the adult site you visited or you clicked on a link that looked like an advertisement — in the background, your machine could have downloaded malware or a virus. Once you connect with your office network, you could infect every other machine. Even if you think that every site you visit is clean, they are not. They are tracking everything you do and some of them steal information via your keystrokes or other means.
Let’s say you have a VPN connection to access your work environment, what can happen now is the malware/ransomware or virus can freely copy itself and infect every machine now on the network. This will include servers and other users on the same connection. The same would apply if you connect with remote desktop and you attach your disks to the session. This will again allow the malware to move easily and infect your network. So, as you can see, the infections will rise drastically. Treat your home office the same as you would your work office — even if you are free to do whatever you want.
The same applies the other way around. If your servers or workstations are infected and it was isolated to your work office, you will now, in turn, infect your personal computers and your home network will become a risk. When you connect via a VPN connection or remote desktop connection, you will, in turn, infect everything.
When it comes to browsing, make sure that your extensions are clean. You will be surprised how many of them track your movements and send your data to servers.
Today, data is very valuable — yours and your company’s. Yes, they can steal your banking details and clean out your account but what is worse is if your Exchange Servers are hacked or infected because of something you did, that data will be sold on the Dark Web — and you might very well get fired.
Don’t relax on security while working from home remotely
Your work computer is protected by Group Policy and antivirus but you have a relaxed home computer. You should look at hardening your home computers and your network to protect you and your company.
If you understand how VLANs work, segment your network at home. Allow VLAN45 to talk to specific sites only or allow access to certain locations. This can be used as your work VLAN. Put your work computer on that VLAN and then create another VLAN for your personal space like VLAN10 as an example and only allow your personal devices, laptops, smartphones, tablets, etc. to work on this network.
The same would apply to your wireless network. Segment it like your router to ensure that specific traffic is allowed over the specific networks. This means you have taken the step to ensure that your company data is secure and also that your home network is secure.
If you need to copy data use something like SyncVault or a secure site. If you need to transfer information to servers then look at a Citrix environment or ScreenConnect, which will allow you to transfer a specific file or maybe a CU so you can upgrade your Exchange Server because downloads internally to your network are blocked.
Another risk could be that you are running outdated Windows operating systems that are a major risk on the Internet. Upgrade your machine to a version that is supported and is getting regular security updates.
Some forms of malware/ransomware are dormant and will trigger at any given time. You might think, “Everything is OK, I surfed a porn site or downloaded a movie from some strange site and nothing happened.” But that is the wrong approach.
Another thing that can happen is that your router is hijacked and traffic is intercepted. To avoid this, make sure you have a strong user name and password. And since hackers sometimes take advantage of vulnerabilities in your router’s hardware or software, make sure you always have the most up-to-date firmware installed.
Don’t put your company at risk
As you can see, there are many ways to connect insecurely and cause potential havoc. Keeping your home and work data split will ensure that you can sleep peacefully at night knowing that your data is secure and the company is secure and that you have not put your company data at risk of paying millions of dollars for ransomware.
And, of course, make sure you have strong antivirus software running at all times. If you are afraid you might have downloaded malware, use your antivirus’ disk-scan features to make sure your environment is clean. Some of these scans take a long time, but it’s worth it to keep you and your company safe.
Featured image: Freepik / Designed by Pikisuperstar