JOSHUA LIBERMAN still remembers the first work-from-home (WFH) PC he helped set up for a client. It belonged to the CEO of a $15 million business who had owned it for 14 years, shared it with other family members, and used it on a Wi-Fi network without even WPA in place. The device had anti-virus software, but the license had expired roughly seven years earlier.
For Liberman, who is president of Albuquerque, N.M.-based solution provider and MSP Net Sciences, that was just the beginning of a wider, now familiar challenge.
“We had this kind of perfect storm where we had to provide access to genuinely terrible machines on miserable networks and insecure connections,” recalls Liberman of those frantic early days after COVID-19’s arrival. “Security was an afterthought. We had to connect people first and there was just no chance that we were going to get the time, much less presence in the home, to do the things we needed to do to truly secure these connections.”
Hard as it is to believe, however, half a year has passed since coronavirus-inspired lockdowns first turned millions of office dwellers into instant telecommuters. Channel pros like Liberman have used those months to learn valuable lessons about keeping remote workers safe.
Good thing too, because WFH employees are not only using personal PCs on unprotected networks, they’re doing so with kids underfoot, a recession underway, and the path toward an end to the pandemic still far from clear—all of which makes them ripe targets for hackers.
“You have users who are in various states of certainty and uncertainty, and the bad guys know this,” says Rob Boles, president of BLOKWORX, a managed security service provider with offices in Arbuckle and Larkspur, Calif. That’s one reason ransomware attacks were up 109% year over year in the U.S. during the first half of 2020, according to SonicWall.
Simply waiting out that cybercrime wave isn’t an option either, because the WFH phenomenon is here to stay. Indeed, businesses globally expect 25% of their staff to work remotely even after COVID-19 is behind us, according to a July study by network and application performance management vendor Riverbed.
Safeguarding remote workers now and into the future, experts say, begins with the basics, like deploying endpoint security and DNS filtering systems on home-based endpoints, and patching those devices. Multifactor authentication software is a must too, according to Rory Sanchez, CEO of True Digital Security, a security solution provider with locations in Florida, New York, and Oklahoma.
“Almost every phishing attack that we’ve seen could have been prevented with multifactor authentication,” he says.
If your customers use Microsoft’s remote desktop protocol (RDP) technology to connect with office PCs, turn your attention there next. Too many channel pros desperate to get clients online earlier in the year used unsecured RDP connections. “I literally as an operator cannot count the times in the last six months that we’ve been called to remediate or help clean up an environment because of ransomware due to RDP open to the internet,” Boles says. “The risk is tremendous.”
A good, solid VPN solution will help mitigate that risk, but proxied RDP services, like the one from TruGrid that Liberman uses, are an option too. Such systems redirect RDP traffic to cloud-hosted servers that inspect and clean it before sending it to its destination. They also share reporting data.
“We can get alerts about multiple failed connections. We can get alerts about what I call ‘geofence hopping,’ or basically connections that are coming from IPs or regions that they shouldn’t be,” Liberman explains.