- Customer Focused
- Bidding Opportunities
- Customer Login
A lot of us are working or taking classes from home due to the impacts of COVID-19. Now is a great time to look at the people, processes, and technology that allow this type of mobility either offered as a job perk, or necessary as part of a Continuity of Operations (COOP) or Continuity of Government (COG) strategy we are faced with today. The risk posture is greatly increased when our resources and people are spread out.
On the network side, it is important to utilize a virtual private network (VPN) solution for those that connect back into our organization’s IT network. From an operational standpoint, this allows workers to access the applications and resources to do their jobs, but also allows the security controls put in place to work effectively (i.e. firewalls, IDS/IPS, endpoint protection and endpoint detection response solutions).
The Cyber Infrastructure Security Agency (CISA), part of the Federal Department of Homeland Security has some great tips that can help make the VPN experience work well for users and technical administrators.
Another great resource to check out comes from the National Institute of Standards and Technology (NIST) is SP 800-46 Rev. 2 Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security.
Those in K-12 likely do not have students reaching back into a schools enterprise network, but it is important for endpoints to be protected, especially if they are part of a 1 to 1 initiative and taken home by students. Our recommendation is placing some type of endpoint solution to ensure that security is maintained when utilized away from the school’s network. Cisco Umbrella does a fantastic job of this and checks the Content Filtering box required in the K-12 space, and during this time Cisco has made it available for free.
As always, feel free to reach out to the ICN should you have any questions or consultation to make sure you are on the right track when it comes to cybersecurity. We have a vast array of experience and expertise in the security field and people holding security industry certifications (CISSP, CEH, CISA, Security+ etc.).