Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
Working from home? An assessment is long overdue.

by Erik Briceno

If you’re like many organizations right now, you’ve probably embraced a work-from-home policy. But are you implementing it securely? Enabling workers to access the systems and data they need from home can create a wide range of cyber risks that attackers can be quick to exploit. Here are some of the most critical vulnerabilities that enterprises of all sizes need to watch out for.

VPN Misconfigurations

Organizations commonly use Virtual Private Networks (VPNs) to enable remote workers to access corporate applications and data. Your chosen VPN solution should be reviewed to ensure that it is hardened to prevent attackers from accessing your network and intercepting communications. This includes ensuring that VPN split-tunneling — used to reduce impact on bandwidth — is implemented as securely as possible.

Cloud Misconfigurations

Flaws in the way that cloud platforms and software as a service (SaaS) applications such as Microsoft 365 and G Suite are set up could leave data and assets exposed. Your cloud and hybrid environments should be thoroughly inspected to identify risks and provide guidance to help ensure workloads are hardened in line with the latest security best practices.

Improper Access Controls

To ensure remote workers are able to access the systems they need outside the office, many organizations relax security settings such as IP address whitelisting. Use of access management technologies such as cloud access security broker (CASB) and zero-trust network access (ZTNA) can help to reduce risk, but these tools aren’t always optimally configured. All-access controls should be reviewed to ensure that they are implemented securely and configured with the latest threats in mind.

Bring-Your-Own-Device

Working from home? An assessment is long overdue.BYOD is the practice of allowing employees to use their own devices to access company networks. Some organizations use remote access technologies, application containers and application wrapping to mitigate the associated risks, but these need to be implemented securely. Your organization’s BYOD policy and controls should be reviewed to help identify where and how improvements can be made.

Firewall Misconfigurations

Firewall misconfigurations can provide an opportunity for an attacker to obtain easy access to a network, install malware, and conduct command-and-control activity. You should review your organization’s firewall settings to identify open ports and brush up on firewall policies to help ensure they adhere to the principle of “least privilege.”

Remote Desktop Protocol Flaws

Remote Desktop Protocol (RDP) is used by remote employees to connect to and access servers and other devices. It’s imperative to check that RDP is configured securely and free of vulnerabilities which could allow cybercriminals to remotely take over unpatched devices.

This list may seem like a lot of items to go over, but a proper assessment of each component is absolutely necessary. We understand that you’re trying to manage an organization and may not have the time or knowledge required to go through everything with a fine-tooth comb -—especially now during a time that many businesses are struggling to keep up. Let V2 give you a remote work security assessment. It will take a lot off your plate and will ensure your organization’s security both during and after the pandemic.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Working from home? An assessment is long overdue.
Working from home? An assessment is long overdue.