Working from home can be a blessing and a curse. Allowing your staff to work from home promotes healthy work-life balance, encourages steady and consistent workflow, and enables you to attract the best talent. According to a 2016 study by Deloitte, millennials value work-life balance higher than all other job characteristics. This includes job progression, use of technology, and sense of meaning at work.
Here's the curse part: remote desktop is one of the most popular ways cybercriminals can penetrate and attack your company's network. We are seeing a rise in ransomware that uses remote desktop protocol (RDP) to get into the system and encrypt or steal the data.
Make sure you have the right security measures in place before you allow your employees to remote in while working from home.
Why is remote desktop so popular for hackers?
It's easy - anyone can do it! Right now I want you to open a new tab and type into Google: "how to hack RDP." Crazy, right!? Hackers are literally just a password away from getting the job done. If your employee has an extremely easy password like, "password," which happens to be one of the most popular passwords in the world, then it's not a matter of if your company will get hacked - it's a matter of when.
So what can you do about it?
You can't just tell your employees that they can't work from home, but you also can't leave your most precious data vulnerable. So here's what you do:
Implement a password policy
Require two-factor authentication
About a password policy:
Ask your IT service provider to create a password policy for you. This includes rules about letters, numbers, unacceptable passwords, frequency of password changes, etc.
About two-factor authenication:
Your IT service provider will also be able to create a two-factor authentication system, meaning your employees will have to claim their identity by utilizing a combination of two different components. Think of it like the front door to your house. You probably have a lock and a deadbolt. So if someone wanted to break in and they could pick a lock, they would still be stopped by the deadbolt. Programs like DUO utilize an OOB, out-of-band, form of authenication using a completely separate channel, such as a mobile device, to authenticate a transaction originated from a computer.
What about VPN?
As opposed to RDP, which gives your employee the ability to remotely control their computer at work, a virtual private network (VPN) gives a device unfettered access to your company's network. While VPNs provide an extra layer of privacy by encrypting a device’s internet connection, giving an unauthorized device unfettered access to your company's network will make your company vulnerable.
For more information on how to set up a secure way to allow your employees to work from home, contact BlackPoint IT today at 866.575.9512 or fill out our contact form and we'll call you.