Cyber Security Monster

Using Home Computers
To Access The Office

Telecommuters Beware

For many, telecommuting is a welcome part of modern life.

However, home computers present a cyber security challenge to the worker and the corporate network.

 

Here are the top three vulnerabilities of connecting from home computers:

 

  1. Unknown Patching Levels.

    In your corporate network, IT experts control the updates. We patch the PC’s with the latest updates, using automated tools.

    For home computers not under IT control, patching is erratic or ignored.

  2. Users have ‘local administrator’ rights.

    This opens a big door for cyber security monsters.

    In most home computers, the user/owner has local administrator rights. This makes it easy to install software. On the flip side, that ease of bypassing security controls dramatically increases the risk of infection from viruses, malware, ransomware, and other cyber security breaches.

    For more information, visit our blog article on ‘take away your own rights’.

  3. Home computers have unknown installed software.

    For company-owned computers on the corporate network, IT support agents routinely scan the computers for unauthorized software and other cyber security risks. Telecommuters using home computers without assistance from IT support experts lack these protections.

Best Practices for Home Computers Accessing the Corporate Network

 

  1. Best. Install Citrix on the corporate network

    Citrix is ‘remote access’ software installed on the corporate network to accept inbound connections. With Citrix installed, the home computers can only access authorized programs protected by the firewall and by other controls that IT support provides.

    In addition, Citrix provides flexibility to connect remote users using any modern Operating System—Windows, Mac, iPad, Android, etc.

  2. Second Best. Install Terminal Server behind a VPN (Virtual Private Network).

    Like Citrix, remote computers using Terminal Server access the network under the protections that IT experts have configured.

    However, since Terminal Server does not provide as much protection as Citrix, the remote user also needs to have the IT department install VPN (Virtual Private Network) software on the remote computer. This can be an involved process.

    Once installed, users first start the VPN. Then they remote connect to the corporate network.

    This extra layer of protection is particularly important when accessing over public Wi-Fi.

 

Other Recommendations Regarding Home Computers for Work

 

  1. If an employee is going to routinely work from home, it would be ideal for the company to supply a laptop for business purposes.

    This would allow the corporate IT support experts to install and maintain full control over the use and cyber security protection of this device.

  2. Home users should adopt best practices and use a non-administrator account for day to day use. The computer would still have a separate Administrator account only to install approved software. For ‘how to’ instructions, visit our blog article on ‘take away your own rights’ or call an IT expert at MBSG.

  3. Install mainstream anti-virus software such as Windows Defender, Symantec, Trend Micro, or Avast. Run anti-virus and Windows updates automatically and/or frequently.

  4. Install Malwarebytes, in addition to anti-virus software.

  5. Make sure that your firewall is turned on.

  6. Routinely review the installed programs and uninstall any programs that aren’t recognized.

  7. Backup your home data to a local USB drive or to a cloud based service like Carbonite, iDrive or Backblaze. Best practices are to have both a local backup and an offsite backup.

About MBSG IT Consultants

 

MBSG provides outsourced IT support and IT strategy--on the ground and in the cloud.

MBSG cyber security experts assess corporate infrastructure for information security risks and vulnerabilities. We recommend how to improve cyber security defenses. MBSG provides business owners and managers an independent, second opinion to protect their company.

For more information or to ask a question, contact MBSG.