Coronavirus has disrupted daily life for so many around the world in a shockingly short span of time. Lifestyles have shifted. A new normal, albeit a panic-stricken one, has set in. One-third of the global population is under lockdown to slow the spread of coronavirus. Many organizations have adopted temporary work-from-home measures to keep themselves up and running.
Sysadmins are tasked with ensuring that business continuity is not compromised even in the face of significant disruptions from events like the COVID-19 outbreak. Apart from enabling employees to access organizational resources remotely, it is a sysadmin’s job to ensure that security is not compromised during these crucial times.
In light of economic uncertainty, organizations can’t afford to let a costly security breach occur. When an organization’s corporate devices are used for personal needs, one wrong application is all it takes to put corporate data at risk from a security breach. One thing coronavirus has taught us is that a complete lockdown could turn out to be the best solution for battling this pandemic. Similarly, when corporate devices leave the security of your network, locking down devices might be your safest bet.
Thanks to SaaS applications, a browser and a good internet connection are all it takes to get work done remotely. To ensure the security of data handled by SaaS applications, browsers should be hardened. Here are some best practices for sysadmins to ensure data security while working remotely.
Prevent drive-by attacks
Drive-by attacks are one of the most commonly used malware delivery methods. Cybercriminals identify unsecure websites and inject malicious code into them. When unsuspecting users land on such pages, malware is downloaded onto their system. These downloads often happen without any user interaction.
To prevent users from landing on harmful websites, be sure to enable safe browsing for Chrome and Firefox and the SmartScreen filter for Microsoft Edge and Internet Explorer. These features ensure users don’t land on infected websites.
Sysadmins should also use a web filter solution to restrict downloads to trusted websites. That way, if users land on malicious websites despite safe browsing mode and the SmartScreen filter, malicious downloads are still blocked.
Detect and remove harmful add-ons
When users add extensions on their browsers to enhance their browsing experience, those extensions require permissions from the user to access various aspects of their browser. After all, no one really offers anything for free on the internet; there’s always a cost. Once granted permission, many extensions can read the content present on any webpage the user visits, track browsing history, make changes to web content, and more. Any information present on a browser stops being secure once a user installs an extension from a questionable source or uses an extension that doesn’t have a properly secured cloud database.
North Carolina State University researchers found that as many as 60 million people are using browser extensions that leak data. With work-from-home policies blurring the lines between business and personal, extensions added for personal needs could be mining enterprise data as well. And as with the terms and conditions for other kinds of software, many users provide access to extensions without investigating the permissions being granted. Sysadmins need to keep track of the extensions installed on corporate devices and remove the ones that are not required for business purposes.
Ensure security and improve users’ productivity by blocking unauthorized applications
A good number of free applications are readily available on and off the cloud, and employees often use these tools to get their work done more efficiently. With no visibility into which applications are being used by whom and for what purposes, IT admins are left in the dark, trying in vain to control costs and ensure data security.
IT teams generally follow a meticulous procedure of evaluating an application in a test environment before authorizing it. They do this to avoid security breaches and eliminate any possibility of an application being incompatible with the organization’s current setup. When users enjoy these free applications without the approval of IT, they put corporate data at risk.
Sysadmins need to keep track of application usage to identify and block access to unauthorized applications. IT teams can lock down endpoints to restrict access to only authorized websites and applications, helping to improve productivity by limiting users’ access to unproductive websites and gaming applications.
At times like these when keeping track of corporate devices is a necessity, a unified endpoint management (UEM) tool can help sysadmins greatly. One such UEM solution, Desktop Central, can be used meter software, filter websites, restrict downloads, detect and remove harmful browser add-ons, and more. Endpoint management and security is essential to organizations regardless of where their users are situated. However, today, with users working remotely, the above security measures are a necessity to ensure corporate data is safe and employees remain productive.