The National Cyber Incidents Response Center has prepared a guide to help managers and employees carry out “remote work” safely; the practice has become widespread as part of the measures against the novel coronavirus outbreak.
Ankara (Anadolu) – The guide, titled “Safe Remote Working Rules”, covers the points to consider, the measures to take and best practices for businesses, institutions and personnel that use remote working methods.
Accordingly, it is important that institutions and system administrators who implement remote working establish a working group of technical and administrative staff to identify and minimize the risks related to security and working conditions.
Risk assessments should be carried out for critical services that cannot be opened to remote access.
Among the steps to be taken are prioritizing critical services and resources that are not suitable for remote access, and assigning a sufficient number of staff, with backups, to remain in the workplace.
It is important to provide awareness training and orientation to all staff working remotely, especially about strong password usage, social engineering attacks and security software.
Where a VPN or a remote management service (RDP, SSH, etc.) is used for remote access, it is recommended to use the most up-to-date, stable and secure version of the relevant systems.
All security measures supported by the systems must be configured correctly and completely, trace records (logs) must be produced regularly so that a potential attack can be detected, and alarm mechanisms must be established to detect unauthorized access, brute-force attacks and similar anomalies.
In addition, it is important to assign privileges in accordance with the principle of “least privileged access”, to define a time-out for the maximum connection time on the systems, to make the rules defined for remote working temporary, and to restrict the source IP for remote connections where possible. It is also important to apply multi-factor authentication and time-based authorization to accesses, to provide security measures on the systems and computers of remote personnel, and to make sure that remote access is not permitted to any critical system for which, according to the risk assessment, it should not be defined.
Alerts for employees
The guide also included measures to be taken by remote personnel.
Accordingly, it is necessary to make sure that the necessary security software is installed, that up-to-date software is used on the systems used for remote work (PC, laptop, tablet, phone and so on) and that no malicious software is present on them.
It is important not to take any critical data outside the organization or record it there, even during remote work.
For non-critical data that must be taken out, it is recommended to secure the systems to which it is copied or moved, as well as the data itself.
On the assumption that the vast majority of connections will be made through wireless modems, the guide advises measures such as using the WPA / WPA2 protocol, MAC address filtering and SSID hiding on wireless modems.