网络安全提示-远程工作建议

新型冠状病毒肺炎

FUD(恐惧，不确定) & 在风险领域，“怀疑”是一个非常熟悉的术语. 新型冠状病毒肺炎疫情让我们大多数人感到意外. Governments around the globe have decided to opt for measures that lead towards 'delaying' the peak situation in their fight against 新型冠状病毒肺炎. 这些措施要求人们呆在家里保持社交距离.

远程工作

对许多公司来说，在家办公并不是一项新举措, 新型冠状病毒肺炎 is forcing organisations to prepare for remote working on a greater scale and longer periods. This popularity of remote working solutions due to 新型冠状病毒肺炎 outbreak undoubtedly brings more attention from threat actors. In this blog post we will share how businesses and individuals can protect themselves from cyber-attacks.

我们不能妥协的是网络安全.

家庭安全建议

遵循以下措施保持良好的保安卫生:

• Wi-Fi -通过更改默认设置遵循基本的安全加固指南. Set new passwords by changing default passwords (usually found at bottom or back of the routers). 如果您从未更改服务提供商提供给您的Wi-Fi密码, 立即更改密码. 参考网站如 wikihow.com 对于这些措施.
• 密码-使用密码管理器来存储您的敏感信息. These password managers take away your pains to generate new hard to guess passwords making it easier. 有大量的开源和商业选择可供选择. 投资一个密码管理器可以节省你的钱和其他麻烦!
• Webcam - Whether you are a parent worried about kids safety on their workstations or don't want malware to take control of your devices, 确保你检查了网络摄像头设置. 在windows 10中，你可以在这里找到它. Settings - Camera privacy settings - Allow apps to access your camera - select which applications you want to allow access to webcam.
• Multi-factor Authentication - We strongly recommend you implement multi-factor authentication if available. 所有主要零售商, email and other 服务 providers offer multi-factor authentication to protect against password guessing and theft. 
• 打补丁——定期更新系统和软件，包括移动设备. 在现代设备上，当设备不使用时，用户可以很容易地在夜间安排更新.
• 恶意软件-定期修补设备上的所有软件, 笔记本电脑, 系统通过及时应用最新的软件更新. Use anti-virus as a minimum on all systems and turn on host firewall to create a boundary outside your network.
• VPN -在连接到公共或共享Wi-Fi连接时使用VPN. 投资一个安全的VPN (Virtual Private Network)，保证人身安全. 这个易于使用的软件在您的设备和VPN服务器之间创建安全连接. 投资一个知名的VPN软件, 或者，如果你想冒险，你可以免费托管自己的VPN.
• Phishing - T在这里 is increase in phishing activity misusing 新型冠状病毒肺炎 related subjects targeting remote workers. 鉴于在家工作机会的普及, 招聘是威胁行为者盯上的一个有利可图的话题.
• 备份-确保您的设备配置为定期备份. 确保备份以安全的方式存储在安全的位置. 备份不能存储在连接到源设备的磁盘上.
• 不要混搭——尽量不要在工作中使用个人设备，反之亦然. This would help you segregate both areas and act as deterrent in case your personal or work information/devices are compromised.

准备你的生意

Organisations require to be more resilient than ever to protect their assets exposed to the internet. IT teams are under undue pressure to ensure their organisation is ready with all tools needed for users to work from home. During these changes, t在这里 are often blind spots for organisations that could be left unguarded. Quite often organisations allow access to internal assets via remote access solutions after successful authentication. This single point of entry routes to an organisations' internal network makes remote access solutions an attractive target for threat actors.

• New Services and Documentation - It is likely that changes have been rolled out to expose certain applications/software or roll out new software (for e.g. 视频电话会议应用). Consider producing user guides for such situations including ensuring the staff on how to report cyber security incidents. 指 建设工作的指导 推行“软件即服务”应用. 
• Cyber Security 培训 - Cyber security training is more important than ever for employees working remotely. 推出突出远程工作内容的网络安全培训包. 内容应涵盖有关如何保护和报告网络钓鱼的领域, 使用和存储凭证并保护您的设备.
• 安全信使——毫无疑问，远程用户将面临设备故障的问题, 或需要修理或更换. Organisations must ensure that secure courier deliveries are utilised along with device hardening measures such as full disk encryption, Bios密码(用户), 可移动媒体限制, 等.
• Securing VPN (Virtual Private Network) - VPNs act as entry points to an organisations' internal network. 除非你的组织完全采用了零信任的网络方式, VPN访问很可能是完全访问内部资源的唯一方法. 在这些远程工作的情况下, employees require 24x7 access to internal resources that range from company intranet to various task dependent 服务s. 以下措施可以帮助企业为使用VPN做准备:
  • 身份验证- VPN访问应该使用多因素身份验证.
  • 协议—IPSec和TLS vpn为企业提供安全的远程接入. 对于许多企业来说，SSL/TLS VPN和IPSec VPN都在使用.
  • Client Security - Consider client certificates for machine authentication when using VPN 服务s.
  • 隔离——考虑环境中的隔离, 服务, 确保VPN用户不会有多余的访问权限. 审计 您的隔离措施，以验证您的控制.
• Securing Work Devices - Review your secure hardening practices in use for employees’ 笔记本电脑 and devices. This includes operating system/build hardening measures specifically software restrictions (install/execution rights), 浏览器插件限制, Bios的保护, 可移动媒体限制, 加密和防病毒配置. 为员工提供安全的替代方案，如文件传输和协作工具.
• 日志记录和监视——事件日志记录为您提供了对用户操作的可见性, 设备和部署到的网络. 警报/监控为您提供了对异常活动的持续关注.
• Backup - Review backup capabilities to check security of backups process and test using backup restore tests.
• 〇应对网络攻击
  • Cyber security/incident response teams must be on standby in case of estate wide incidents such as ransomware, 网络故障, 数据泄露，内部系统可能暂时无法使用. 向内部提出问题, 与BCP等内部团队保持联系, DR, 基础设施支持, 通信, HR & 公关部门.
  • 检查您的备份系统，包括让事件处理小组并行工作所需的流程. 这包括工作站、连接、通信，如电子邮件、电话、VoIP.
  • 由于大量使用远程访问解决方案, 检查你拦截间谍软件的能力, 过滤恶意域名url, 阻断可疑流量(C2C), 非标准端口使用, DNS, url).

让我们以一些明确的提醒来结束:

• Don't expose RDP 服务s on the internet without added measures such as multi-factor authentication.
• 不要将VPN用户暴露给整个组织. 这对于作为组织一部分的承包商/外部供应商来说非常重要. Ensure that access restrictions are reviewed and business critical and sensitive assets such as domain controllers, 数据库, HR和其他业务系统使用内部防火墙/ vlan隔离.
• Adapt to jump boxes concept w在这里 temporary allocation of users in restricted environment allows access on need only basis.
• 不要把钱花在更多的产品上，使你的环境复杂化. 检查当前的堆栈，看看在哪些地方可以利用当前的设置. 例如, AppLocker通过组策略, 主机防火墙策略, advanced audit configuration are all part of modern active directory set ups that can save you costs and complexity.

网络安全是最有效的，当它是主动的. 通过在漏洞被利用之前识别弱点，您可以确保网络的完整性. 对于处于网络安全成熟初期的企业来说, 尤其是小企业, 我们创建了一篇博客文章 给中小企业的5条建议 肯定会改善他们的安全状况. 频繁的 安全评估 同时创建一个更有效的系统, helping to prevent data loss and minimise any downtime that would affect your business and your customers. 您可以找到更多的信息，包括我们的服务，方法信息 在这里.

为什么选择defenza来帮助你?

defenza是一家提供网络安全咨询的专业提供商, 培训服务和托管安全服务. 我们提供真正独立的第三方意见, 无偏见的专业知识，没有任何倾向于供应商合作关系, 转售或推广任何安全产品. We pride ourselves in being a partner of choice for our clients and helping with their IT security and compliance requirements.

Our experience in the financial 服务s industry extends to the broadest set of technological choices in use across Tier 1, 二级银行业务, 保险及其他金融服务业务. 可能是银行转型项目, ATM网络, 高风险平台，如期货交易, 投资银行产品, 智能卡认证设备, we have the skill-set to deliver you the required validation against your development and implementation. 阅读我们的 金融行业洞察 了解更多十大网博靠谱平台工作的信息.