Three security changes to make immediately during work from home

IT companies are producing a lot of vague, “call us for a meeting today!” type articles these days. We always try to provide simple, actionable information. So here are three quick changes you can make to your IT environment that will impact your security immediately. All of these are low/no cost as an added benefit!

Implement multi-factor authentication (MFA)

How does stopping 100% of automated attacks sound? I still love this chart, it shows how something so simple can be such a large improvement. If you’re using Microsoft/Office 365, there is an MFA application built in for free. It cannot secure your on-premise environment without additional costs though. If you have an enterprise-class firewall, there is likely an MFA solution included, or you can look at something like Duo, which starts at $3/user/month (and is included with our monthly service plans).

Bonus item: move to a zero trust model

Some MFA systems will be bypassed when in the office or on company computers. Zero trust assumes that each step along the way - the office network or company computer for example - could be compromised. For instance if hackers load a remote access tool onto your laptop, and it is allowed to bypass MFA, then they simply wait for you to fall asleep and can get in. (At CGP, we are required three MFA prompts from the moment we get onto our computer to when we’re in a client’s network.)

Minimize your systems’ exposure to the internet

Many businesses have way too much open to the internet. Even VPNs should be locked down to only allow access to the needed resources. There are free portscan tools to check your servers, use one of these to look for high risk ports such as remote desktop (RDP, which runs on port 3389 by default). Keep in mind that any modern port scan tool will not be fooled by changing ports, so that is not a valid defense.

Disable any unneeded user accounts, especially admin accounts

For every new client, we perform an audit of all active user accounts on the network. In almost every case, there are 20%+ that have not been in use and can be disabled immediately. These often include users with substantial permissions, and vendor accounts as well. If there is a phone vendor that only does work once a year, disable their account until they need it. If you have a vendor contracted for a six month project, did you know you can set their account to expire at that time?

While bad actors have not increased substantially, companies’ exposure has due to poor practices. Now is not the time to risk your business due to poor security. Better yet, contact a security first IT company for assistance today.