COVID-19 is hitting countries hard and impacting every aspect of our personal and professional lives; and businesses have had precious little time to prepare. As many people adapt to new working practices of working remotely, the pressure is on for tech teams to keep their workforce operational and secure.
Digital Craftsmen wanted to share their experiences gained of having worked remotely for the last eight years - and provide a few valuable tips and advice for people responsible for keeping businesses and employees online and secure today in the uncertain time we are living through.
UPDATE 1 - 9 April 2020:
Cybercriminals are always on the hunt for new ways to break into your systems. Similar to using COVID-19 spread maps to target and localise their scamming and phishing (see below), they are also monitoring the rising popularity of VDI (virtual desktop infrastructure) software and protocols - and the attacks and penetration attempts on this popular work from home system has risen sharply by 30%. So, in case you are using this solution, as always stay safe, update frequently (as soon as a new version of software is available), and consider using it over secure VPN connections (see below, and here).
Here are a few tips and advice to start with:
Beware of phishing, scamming and cyber attacks
Cyber criminals are using the pandemic outbreak to cyber havoc and without mercy. For example a Czech hospital, one of the largest national centre for COVID-19 testing, was hit by a cyberattack. It's vital to remind employees working remotely to check each and every email and link they click on, because criminals will be taking advantage of the confusion of recent days and sending increasing sophistical phishing emails when people are just starting to get used to new working practices.
Cyber criminals also use live pandemic spread maps to direct their malware delivery and spamming efforts worldwide. Sure enough, my spam filter caught a sudden surge of COVID-19 related spam emails.
Don't let your workforce get caught out - there are excellent tips and advice here about safeguarding against phishing attacks and it's well worth using these to send out a reminder to be vigilant.
If you want to speak to industry verified ISO 27001 and Cyber Essentials Plus experts about keeping your business operations secure, let us know and contact us via the website. We want to help businesses to be secure - and are offering free advice and guidance in these difficult times.
Protect your network traffic
While it is always a good idea to protect network traffic generated by your public services (e.g. web server) by using HTTPS, this is not what we are talking about.
We are talking about protecting the traffic generated from maintaining and operating your IT estate, and especially that part that is managed/hosted by DCL, or on AWS, Azure, or any other IaaS cloud provider. This traffic carries some of the most business sensitive information, so this should be especially safeguarded. While this is often done by establishing a site-to-site IPSec VPN connection between your office and your IT service hosted elsewhere, remote working in times of lock down would not be protected by this solution. And semi-permanent working from home is here to stay. There's a lot more information about this on the ZDNet.com site here which is worth a read.
There are two possible solutions to this:
- To roll out a VPN solution allowing your employees to connect safely to your office network, and from there to connect via the site-to-site VPN connection to your IT services. Cumbersome, but doable.
- Alternatively, extend or deploy site-to-site VPN connections between your remote IT infrastructure and your employees, combined with provisioning fixed IP addresses for your employees' broadband connection. This way, you can control network traffic paths and further secure access to your IT infrastructure from known origins.
Fixed IP addresses, if not already part of your employees' ADSL broadband connection cost as little as £1 per month, depending on the provider. That small, almost undetectable cost in your IT budget goes a long way in helping securing your IT infrastructure in times of COVID-19 lockdown.
As part of the DCL managed hosting services we are offering all our customers a 5-connection remote worker VPN bundle for free. Check your hosting supplier is also offering something similar and if they're not then contact them to ask for it. This is an essential safeguard for all businesses.
Use online collaboration tools: Slack, Discord, Microsoft Teams and co.
Apart from using shared source code repositories such as GitHub (or self-hosted or cloud managed alternatives from Google, Azure, GCP and others) your teams need to communicate. This is where Slack and other online co-working tools come in handy.
Highly integratable, these tools offer both chat and voice communications. Almost all can be used as a web app (via the browser), stand-alone app, or as a mobile app. Voice quality is sufficiently good, depending on the available network bandwidth (see below).
These tools can be integrated with a multitude of services, such as:
- online collaboration tools (e.g. Google Suite, Ms Office 365, Zoho),
- DevOps toolchains (e.g. Jira, Jenkins, GitHub),
- Service Desk solutions (e.g. Zendesk, Freshdesk, and many others)
- Sales and CRM solution (e.g. Pipedrive, Hubspot)
Automated scripts (also known as chat bots) provide easy solutions to cumbersome repetitive tasks such as automatic channel assignment, daily summaries, and other little helpers.
- The right co-working tool can provide an experience that is similar to day-to-day office groups.
- Choose a tool that scales well with the number of chat and audio/video channels
- Choose a tool that provides a broad spectrum of integrations with other apps and services.
Don't forget the "last mile"
The best remote working preparation quickly becomes futile if your employees caught in lockdown have insufficient network bandwidth: Video connections lag or freeze, and all of a sudden your team lead in an important call starts to sound like a Dalek ("Hey, Dan, you are daleking!" is a frequent idiom in colloquial conference calls).
Not everyone lives in city centres or areas where fibre optics frequently provide ample bandwidth to the home. More often, particularly in rural areas, single-strand twisted copper wires are the norm.
These are relatively easy to resolve:
- Consider supporting your employees in lock down with an upgraded 'business service' broadband package that includes a (much) lower contention ratio. It also gets priority over the network
- Consider paying for a fixed IP address for your employees in remote work as that helps with securing remote access to your IT infrastructure (see above). Fixed IP addresses come in as low as £1 per IP address per month.
- Look to see what performance is like over 4G as that may be better bandwidth than broadband.
Ensure adequate remote work equipment!
Last but not least, the health and safety of your employees should be a concern as well. Supplying a laptop is almost never enough. Did you know that the HSE (UK Government Health and Safety Executive) oversees clear regulations for the health and safety for working with display screen equipment?
Laptop keyboards and screens are not designed for hours of screen work; for that you need an external ergonomic keyboard, an external mouse, a separate monitor, and a good-quality headset. Add in an adapter cable, and for as low as £150 - £200 on top of the laptop cost you have a decent set of remote working equipment available to your remote working employee. They will thank you for it.
- Display screen work is regulated by the HSE, and is also enforced for employees working from home.
- Invest in a standardised set of additional equipment, and scale it over all remote working employees
- Alternatively set a budget and let employees decide on which equipment (following baseline rules) they buy.
We hope that this little overview of how to start working from home in times of COVID-19 has given you some pointers and insights on how to tackle this issue.
We firmly believe that working from home will stay as one of the permanent outcomes of a possibly 3-month or perhaps even longer period of lockdown. Thus, we recommend you do not take this issue lightly or as temporary. Consider and plan it as a permanent fixture for your workforce.
And remember as well, DCL is always there to help you.