{"id":4883,"date":"2020-08-04T13:53:53","date_gmt":"2020-08-04T01:53:53","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=4883"},"modified":"2020-08-04T13:53:53","modified_gmt":"2020-08-04T01:53:53","slug":"is-cyber-security-important-at-work-what-about-working-from-home-wfh","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=4883","title":{"rendered":"Is Cyber Security important at work? What about Working from Home (WFH)?"},"content":{"rendered":"

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”4.9.1″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ sticky_enabled=”0″]<\/p>\n

The best way that security can be managed when Working From Home (WFH) is to ensure the WFH devices are known to be patched, have AV, and are monitored.<\/span><\/p>\n

There is always going to be a risk if the device is not monitored as you won\u2019t know what the patch\/AV status is, therefore to ensure optimal security the device should be proactively monitored. It is especially important on home PCs that might be shared with other users.<\/span><\/p>\n

For businesses that have on-premise infrastructure, there should ideally be an RDS (Remote Desktop\/Terminal Server) which they connect to via RD Gateway which provides an encrypted connection using SSL a certificate and the RD Gateway should have MFA enabled on it.<\/span><\/p>\n

\u00a0All accounts should have password complexity (ideally 10 characters or longer).<\/span><\/p>\n

\u00a0All Office 365 accounts should be protected with MFA regardless of whether they have on-premise infrastructure or not.<\/span><\/p>\n

At Kinetics we have three services that protect your business whether you are WFH or in the office.<\/span><\/strong><\/p>\n

1. Ensure Kare is on your WFH Devices.<\/span><\/h2>\n

Keeping all PCs up-to-date with antivirus, Windows, and Office update along with other common software is vital when the devices are used for WFH – making sure your backups are 100% and running a regular test remains critical in the event of an urgent file or system recovery.<\/span><\/p>\n

\"\"<\/p>\n

\u00a0When it comes to WFH we must ask what more can we do? We must keep exploring new tools and devoting more effort and resources than ever before to security. There is more that we can do, and more we need to do to protect those WFH devices.<\/span><\/p>\n

That\u2019s why we have added \u2018KARE for Security\u2019, to step beyond the traditional protections and look to use the newer tools and techniques.<\/span><\/p>\n

2. Introduce Kare For Security<\/span><\/h2>\n

\u00a0<\/span>Governance<\/span><\/strong>\u00a0\u2013 typically an annual process to re-affirm business policies and procedures, considering what are the key data assets to protect, and what \u2018rules\u2019 should be in place around them.<\/span><\/p>\n

For example<\/span><\/p>\n

    \n
  • If the machine isn’t owned by the business, do you have permission from the machine owner to install business software tools and business protection suites on the machine?<\/span><\/li>\n
  • Likewise, does the machine meet the specifications necessary to support the work being done?<\/span><\/li>\n
  • Does the work environment meet your health and safety requirements?<\/span><\/li>\n
  • Does the work environment meet your requirements for confidentiality?<\/span><\/li>\n
  • Will any video-calls breach the privacy of the home-worker or anyone else in the home?<\/span><\/li>\n<\/ul>\n

    \"\"<\/p>\n

    Prevention and Detection<\/span><\/strong>\u00a0\u2013 the day to day activities to keep your data safe to meet the requirement identified in the governance section. This is a highly dynamic area as new tools emerge all the time, and we need to review it regularly to make sure we have the right settings in place. This will vary as new protection layers become available a<\/span>nd relevant. In the current edition of KARE for Security, we include prevention tools like DNS \u2018curation\u2019 \u2013 blocking access to URLs that aren\u2019t trusted; multi-factor authentication \u2013 going beyond passwords for providing access; ATP blockers \u2013 testing email attachments before they come to users to make sure they don\u2019t introduce unexpected elements including ransomware; deep scan anti-malware to more aggressively detect infiltrations; security reporting on file access and rights exceptions; and training \u2013 phishing tests, eLearning and security presentations.<\/p>\n

    Recovery<\/span><\/strong>\u00a0\u2013 There is always a chance of something striking. Ultimately, there needs to be a system in place for recovery, and that means good backups, monitored daily, ideally with backups occurring frequently during the day to reduce the time lost if a recovery is necessary.\u00a0<\/span><\/p>\n

    \u00a03. Conduct a Kare Security Review<\/span><\/h2>\n

    \u00a0Do you understand where you currently stand?<\/span><\/p>\n

    You need to be proactive to identify any threats and vulnerabilities your business is facing by conducting a KARE Security Review.<\/span><\/p>\n

    It\u2019s a structured review with over 50 Business and Technical questions that focus on Cyber Security and Governance. In this 90-minute interview, we help you discover how to leverage the best of Cyber Security strategies and technologies to propel your business forward, engage your staff, and strengthen your security posture.<\/span><\/p>\n

    [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

    The best way that security can be managed when Working From Home (WFH) is to ensure the WFH devices are known to be patched, have AV, and are monitored. There is always going to be a risk if the device is not monitored as you won\u2019t know what the patch\/AV status is, therefore to ensure […]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"The best way that security can be managed when Working From Home (WFH) is to ensure the WFH devices are known to be patched, have AV, and are monitored.<\/span>\n\nThere is always going to be a risk if the device is not monitored as you won\u2019t know what the patch\/AV status is, therefore to ensure optimal security the device should be proactively monitored. It is especially important on home PCs that might be shared with other users.<\/span>\n\nFor businesses that have on-premise infrastructure, there should ideally be an RDS (Remote Desktop\/Terminal Server) which they connect to via RD Gateway which provides an encrypted connection using SSL a certificate and the RD Gateway should have MFA enabled on it.<\/span>\n\n\u00a0All accounts should have password complexity (ideally 10 characters or longer).<\/span>\n\n\u00a0All Office 365 accounts should be protected with MFA regardless of whether they have on-premise infrastructure or not.<\/span>\n\n[wow_colorme]<\/span>\n\nAt Kinetics we have three services that protect your business whether you are WFH or in the office.<\/span><\/strong>\n\n[\/wow_colorme]<\/span>\n\n[header2 text=\"1. Ensure Kare is on your WFH Devices.\" align=\"left\" color=\"#3ec940\" margintop=\"\"]<\/span>\n\nKeeping all PCs up-to-date with antivirus, Windows, and Office update along with other common software is vital when the devices are used for WFH - making sure your backups are 100% and running a regular test remains critical in the event of an urgent file or system recovery.<\/span>\n\n\"\"\n\n\u00a0When it comes to WFH we must ask what more can we do? We must keep exploring new tools and devoting more effort and resources than ever before to security. There is more that we can do, and more we need to do to protect those WFH devices.<\/span>\n\nThat\u2019s why we have added \u2018KARE for Security\u2019, to step beyond the traditional protections and look to use the newer tools and techniques.<\/span>\n\n[header2 text=\"2. Introduce Kare For Security\" align=\"left\" color=\"#3ec940\" margintop=\"\"]<\/span>\n\n\u00a0<\/span>Governance<\/span><\/strong>\u00a0\u2013 typically an annual process to re-affirm business policies and procedures, considering what are the key data assets to protect, and what \u2018rules\u2019 should be in place around them.<\/span>\n\nFor example<\/span>\n

      \n \t
    • If the machine isn't owned by the business, do you have permission from the machine owner to install business software tools and business protection suites on the machine?<\/span><\/li>\n \t
    • Likewise, does the machine meet the specifications necessary to support the work being done?<\/span><\/li>\n \t
    • Does the work environment meet your health and safety requirements?<\/span><\/li>\n \t
    • Does the work environment meet your requirements for confidentiality?<\/span><\/li>\n \t
    • Will any video-calls breach the privacy of the home-worker or anyone else in the home?<\/span><\/li>\n<\/ul>\n\"\"\n\nPrevention and Detection<\/span><\/strong>\u00a0\u2013 the day to day activities to keep your data safe to meet the requirement identified in the governance section. This is a highly dynamic area as new tools emerge all the time, and we need to review it regularly to make sure we have the right settings in place. This will vary as new protection layers become available a<\/span>nd relevant. In the current edition of KARE for Security, we include prevention tools like DNS \u2018curation\u2019 \u2013 blocking access to URLs that aren\u2019t trusted; multi-factor authentication \u2013 going beyond passwords for providing access; ATP blockers \u2013 testing email attachments before they come to users to make sure they don\u2019t introduce unexpected elements including ransomware; deep scan anti-malware to more aggressively detect infiltrations; security reporting on file access and rights exceptions; and training \u2013 phishing tests, eLearning and security presentations.\n\nRecovery<\/span><\/strong>\u00a0\u2013 There is always a chance of something striking. Ultimately, there needs to be a system in place for recovery, and that means good backups, monitored daily, ideally with backups occurring frequently during the day to reduce the time lost if a recovery is necessary.\u00a0<\/span>\n\n\u00a0[header2 text=\"3. Conduct a Kare Security Review\" align=\"left\" color=\"#3ec940\" margintop=\"\"]<\/span>\n\n\u00a0Do you understand where you currently stand?<\/span>\n\nYou need to be proactive to identify any threats and vulnerabilities your business is facing by conducting a KARE Security Review.<\/span>\n\nIt\u2019s a structured review with over 50 Business and Technical questions that focus on Cyber Security and Governance. In this 90-minute interview, we help you discover how to leverage the best of Cyber Security strategies and technologies to propel your business forward, engage your staff, and strengthen your security posture.<\/span>","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-4883","post","type-post","status-publish","format-standard","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/4883","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4883"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/4883\/revisions"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4883"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4883"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4883"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}