[nish2020]

There are lots of articles available on how an organization should manage cybersecurity risks. What are the cybersecurity risks related to working from home? What precautions should be in place?

Topic

[KristynAlldredge]

Organizations that allow their employees to work from home should provide the same security measures as employees that work on site. This may be harder to manage if employees utilize their own personal computer to connect to their networks. Certain protections you can take at home include making sure all software is up to date, installing antivirus, and backing up critical data.

[Natepearson77]

Employees should make sure that both wifi and routers in the home are password protected with 11 or unique characters. This protects personal information and business data. In addition, businesses should provide a VPN connection for employees connecting to confidential systems or services.

[JRM30]

The process of protecting organizations information assets may need to expand to include steps to protect an organization’s employees at home. While a VPN would be an essential step in providing security back to the enterprise from a corporate laptop, providing at least basic IPS and packet inspection services would be a great next step, especially considering the prevalence of BYOD devices. However, even a small next generation firewall is going to be priced beyond the pocketbook of most homeowners. Are we going to see more consumer priced wireless routers with stronger security features? The Norton Core was an interesting though weak early attempt, and it has been discontinued. This seems like a market niche with opportunity for growth.

• This reply was modified 10 months ago by JRM30.

[Shyam Raman]

Well here’s the latest one from Microsoft (hot off the press). ASSOCIATED PRESS
Microsoft Confirms Critical Windows 10 Exploit: Ongoing Attacks, No Fix Available
Microsoft has issued a warning that targeted attacks are underway against Windows users.
Microsoft has issued a warning that targeted attacks are underway against Windows 10 users, from attackers exploiting a critical vulnerability with no available fix.

Microsoft has today, March 23, issued a security advisory warning that it is aware of “limited targeted attacks” against Windows users that could allow an attacker to execute code, including malware, remotely. Not only does the exploit affect all supported versions of Windows 10, but all other supported versions of Windows as well. If that weren’t bad enough news, things get worse when you realize that there is no current fix available to patch this particular vulnerability.
It’s been a bad few weeks for Microsoft when it comes to matters of security vulnerabilities. On March 11, I reported how another as of then unpatched and critical vulnerability named SMBGhost was being exploited. That vulnerability was, however, pretty quickly fixed, and on March 13, I passed on the message that Microsoft was urging all users to take action and upgrade as soon as possible. This week, on March 22, came the news that healthcare workers were being targeted by a new and dangerous Windows ransomware campaign using COVID-19 as bait.
This latest critical warning involves, according to the Microsoft security advisory, a “type 1 font parsing remote code execution” flaw that means attackers could leverage unpatched vulnerabilities in the Adobe Type Manager library. Note the use of the plural there, as Microsoft has warned two vulnerabilities exist, which could enable an attacker using a specially crafted document to exploit them. Both are in the way that the type manager handles a malicious multi-master font in Adobe Type 1 PostScript format. Opening that malicious document, or even viewing it in the Windows Preview pane, is all that it takes to exploit successfully.
Today In: Cybersecurity
“Microsoft is aware of this vulnerability and working on a fix,” the advisory said, adding that “updates that address security vulnerabilities in Microsoft software are typically released on Update Tuesday.” Which rather suggests that a fix isn’t coming before the next Patch Tuesday round.
Until then, Microsoft said users could apply a workaround of disabling the review and details panes in Windows Explorer to prevent malicious files from being viewed. Even then, though, this won’t stop a local and authenticated user from running a program that is crafted to exploit the vulnerabilities.

[sofiac]

NIST SP 800-46 Rev. 2 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security might be a good place to start for organizations looking to develop a security program around telework. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-46r2.pdf

• This reply was modified 10 months ago by sofiac.

[Author]

Replies