May 13 2020
Security

5 Ways for Teleworkers to Improve Cyberdefenses

The Center for Internet Security publishes guidance to combat security concerns affecting personal or home office workers.
Curtis Dukes is executive vice president of the CIS Security Best Practices and Automation Group.
by

Curtis Dukes is executive vice president of the CIS Security Best Practices and Automation Group.

The COVID-19 epidemic prompted more agencies than ever to allow their employees to work from home or telecommute. But home IT devices are still subject to many of the same threats as onsite business devices. Unsecured offsite routers, modems and other network devices can cause big headaches for government networks. Poorly configured home devices can negatively affect entire organizations. They can be attacked from any device on the internet, and they are also vulnerable to unauthorized access from neighbors and passersby. 

The CIS Controls Telework and Small Office Network Security Guide helps combat security concerns affecting network equipment meant for personal or home office use. The guide can be downloaded at no cost. It covers the entire lifecycle of home network equipment usage, including initial purchase, configuration and safe disposal. It also provides an easy checklist employees can complete by assessing their networks and then return to their IT department for review.

StateTech Insider StateTech Insider

Best Practices for Securing Telework

Here are some suggestions teleworkers can implement now to improve their cybersecurity: 

  1. Practice smart password management and enable two-factor authentication. This also applies to accessing the administrative router/modem, internet service provider web portal or mobile app used for home network management. Anyone with access to these platforms can also access sensitive information traversing the home network and modify critical security settings within the network.

  2. Enable automatic updates for all routers and modems. Software updates are extremely important as new security flaws are discovered. Simply installing updates from the device manufacturer mitigates many of these problems. This is best accomplished by enabling auto-update on the device’s administration page. 

  3. Turn off wireless protected setup and universal plug-and-play. WPS was initially designed as a user-friendly method for new devices to connect to a Wi-Fi network. Unfortunately, it’s been an easy way for attackers to connect to Wi-Fi networks without permission. UPnP is a network protocol suite that allows devices on a network to easily communicate, but it has been found to contain numerous and severe security flaws. Correcting these two settings can have a positive impact on home network security.

  4. Turn on WPA2 or WPA3. Old and ineffective types of cryptography plague older network devices. Ensuring strong forms of cryptography are in use within home networks can thwart others who try to view sensitive information without authorization. At a minimum, configure WPA2 for home use. 

  5. Configure the router/modem firewall. Firewalls help prevent malicious network traffic attempting to enter a network from reaching specific devices. Firewalls generally come built into most home routers, but they must be properly enabled.

The Center for Internet Security makes the connected world a safer place for people, businesses and governments. We are a community-driven nonprofit, responsible for the CIS Controls and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals who continuously refine these standards to proactively safeguard against emerging threats. 

Our CIS Hardened Images provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center, a trusted resource for cyberthreat prevention, protection, response and recovery for U.S. state, local, tribal and territorial government entities; and the Elections Infrastructure Information Sharing and Analysis Center, which supports the cybersecurity needs of U.S. elections offices. 

To learn more, visit CISecurity.org or follow us on Twitter @CISecurity.

Prioritize Security for a Remote Workforce

Everyone has finally settled into remote work. Is your IT security strategy updated and aligned?

Leave no stone unturned for remote teams using a variety of devices from thousands of locations, write CDW security solution architects Jeff Falcon and Paul Shelton.

Among the first steps: “You need to cover cloud access security and endpoint protection while scaling up security resources,” they write. “VPN capacity needs to be tackled to provide the ability to access resources remotely from new places.” 

IT leaders may also consider added protection mechanisms — such as data loss prevention and cloud access security brokers — to put guardrails around teams to secure traffic and data.

Consistency must guide all efforts. Don’t let customer service teams download Zoom, for instance, while leadership opts for Cisco Webex. A better option is to partner with CDW or another solution provider and get set up with an enterprise trial for the entire organization. 

Read Falcon and Shelton’s full advice for remote work on the CDW Solutions Blog.

skynesher/Getty Images

More On

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now