When considering allowing staff to work remotely from home, your business must consider the security implications of allowing remote access to the businesses private network. By implementing strict access control methods, the threat of unauthorised access to your private networks can be mitigated or prevented.
One method of managing access control is handled via the firewall. The firewall controls which public networks can have access to your private network. The firewalls will need to be maintained for all remote staff computer workstations and the private business network and servers. The firewall is like a security guard with a list, it checks the list and if the network is not on the list it is not allowed in
Regardless if staff are connecting via the Remote Desktop protocol
(RDP), Secure Socket Shell
(SSH) or via a Virtual Private Network
(VPN), the firewall must be maintained and updated on both endpoints. If you are using the default firewall settings, chances are that anyone on the planet can attempt to remotely access the remote staff workstation or the business server. Each public network is assigned a value that identifies the network, this value is called an IP address. An access control list can be created to determine what IP addresses are allowed to connect remotely to your remote business workstations or the server (this includes cloud based and local severs).
It is more secure for your staff to connect remotely to your businesses private network using workstations provided by and controlled by your business. Your cyber security team will require access to these remote staff workstations. They will need to maintain the firewalls of these remote staff workstations. By doing so, your business can mitigate the threat of a cyber criminal compromising a remote staff workstation to use it as a hub to access your private business network
Firewalls should be configured with theprinciple of least privilegewere all network ports, apart from the ports required for business operations are closed (Think of a network port as being a door or a window). If a network port needs to be open, a cyber security professional can assess the security of that port and determine the conditions for access to that port.
If all this sounds confusing for you, then its best for you to hire a qualified cyber security professional. Business should avoid outsourcing cyber security tasks remotely to cheap overseas labour. Cyber security professionals have intimate access to your business systems. Cheap overseas labour is well known to sell stolen business information on the international information blackmarket, this is a very profitable criminal activity. Freelancer websites have been compromised, for example in 2023 the FBI warned of North Korean spies posing as IT workers. This is why is its best to opt for a local security professional.
To use an analogy, consider the firewall like the castle walls for your business, the firewall will prevent the hordes of cybercriminal barbarians from infiltrating your castle. However, the castle wall will not do this job on its own, guards will need to be posted and provided information on who is allowed in or out of your castle. Consider your businesses private server as the main castle and the remote staff workstations as encampments. You must fortify the walls of your encampments and your castle. You must regularly provide intel to your guards of who is allowed access to your castle or encampments. This is done by regularly hiring cyber security professionals to fortify your perimeter by updating the access control lists of who is allowed to remotely access your remote workstations or your private server.
When was the last time that your business updated and fortified its firewalls? Best to play it safe and contact an Australian trained cyber security professional today.