A lot of us are working from home (WFH) these days. There have been long-established security best practices around remote access, such as the telework security guidelines published by NIST. Now with WFH becoming a dominant form of remote access during this special time, home network security is put under the spotlight again.
Basic practices to make WFH more secure include the following:
1. Think before you click, the human factor
Technology is a big part of the solution, but the controlling part is always 'you'. We always encourage people to do the following when online:
- Think before you click. Do you really need to click that link? Is the link valid?
- Use a strong password and two-factor authentication.
- Always keep your computers/devices updated with the latest software/fix/patch.
For everything else, technologies like the firewalla can help.
2. Protect your home network with an IPS (Intrusion Prevention System)
In the case of WFH, the need to secure the home network is not just to protect personal assets, but also business data and communications.
“A major component of home network security is securing other PCs and mobile devices on the home network. If any of these devices become infected with malware or are otherwise compromised, they could be used to attack the telework device or eavesdrop on its communications.” - User's Guide to Telework and Bring Your Own Device (BYOD) Security, NIST, 2016
Most routers in people’s homes today have no or inadequate firewall capabilities. Some routers have it, but the feature may be turned off by default and people don’t even know how to configure it. Firewalla is a simple yet powerful solution to safeguard your personal and business data, as featured in several recent articles such as on ZDNet and TechRepublic.
While the traditional firewalls are static (you have to manually configure rules), Firewalla is an advanced firewall with a built-in intrusion prevention system that can examine network packets in-depth, and use behavioral analytics to prevent questionable actions on the network. Click here to learn more.
3. Access work via Virtual Private Network (VPN) from home
VPN is essential in securing remote access to business assets. Many small businesses don’t have a VPN solution in place due to the complexity of setting it up and maintaining it. With the new VPN client feature (beta), along with the existing VPN server feature, Firewalla now offers a very simple yet complete VPN solution, ideal for small businesses.
If your company does not have a VPN server but has confidential data hosted on a local business network, you are at risk of compromising business assets from un-encrypted communications from home. You can easily deploy a VPN solution by installing a Firewalla box on the business network as a VPN server, and a Firewalla box on the employee’s home network as a VPN client. Both Red and Blue can serve either as a VPN server or client. The Firewalla Gold will be even more powerful handling VPN sessions. See an example below:
Happy WFH, and stay healthy everyone!