The dangerous “Backoff” malware has been found to attack point of sale (POS) systems by gaining unauthorized access to the company’s network by exploiting weaknesses in common remote access tools. The threat that your company’s network could face from your employees’ remote access, however, runs much deeper and wider than just Backoff. A 2012 experiment found widespread, fundamental security gaps in multiple wifi hotspots tested.
The benefits of flexible access and BYOD policies must be balanced with the additional risks from employees using wifi connections with weak security to access your systems from unprotected laptops or smartphones.
To protect the security of corporate networks and even the safety of employees, companies must proactively educate anyone with remote access or access via personally owned devices how to stay safe while working remotely.
Help Employees Stay Secure Working Remotely
Any laptop or device that will be allowed remote access into your corporate networks must first be configured correctly to ensure a secure connection from wherever the employee may be working. It is important to manage your company-issued machines and, if possible, work with employees to use proper settings on their own devices to:
- Enable the internal firewall.
- Use SSL, TLS, or SSL/TLS email settings.
- Change the default email port number.
- Establish a VPN connection option for remote employees.
Beyond the configuration steps you can take as an administrator, training your employees to use safe online practices in general and, specifically, to be careful where and how they access the internet (especially when they will be accessing sensitive corporate, client, or patient data) will help both you and the employee avoid potential risks, threats, and even a costly security incident.
