Page 236 - Cyber Defense eMagazine August 2024

Secure remote connections and hardware

All hardware and connection points among collaborators must be secure. If you use networked storage, configure your device to use an HTTPS connection, ensure you have a valid SSL/TLS certificate installed, and back up your data.

You and your collaborators should also keep all hardware and software up to date and fully patched. Secure your WiFi networks by logging into your router and disabling WPS and remote access, enabling HTTPS logins and WPA2 encryption, and updating the firmware.


Other best practices for keeping hardware and remote connections secure include using a virtual private network (VPN) or desktop-as-a-service (DaaS) platform, ensuring all endpoints have anti-virus and anti-malware protection, and educating stakeholders on the risks of social engineering attacks.



Identity access management (IAM)

Speaking of educating stakeholders, we all know that humans are the weakest link in any cybersecurity posture.

And while security awareness training can help a ton, you also need to protect people from themselves with strong password enforcement and access management controls such as multi-factor authentication (MFA) or two-factor authentication (2FA). Enforcing the principle of least privilege—where stakeholders only have access to the data they need to do their jobs, and nothing more—is also highly encouraged.

Once you’ve developed a list of role-based access policies, enforce them with automated IAM software so your rules stay effective at scale.
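
The audit below is an added example, not code from the article or from any IAM product. It shows how the MFA and least-privilege rules described above can be checked automatically; the role names, resources and accounts are constructed for illustration.

```python
"""Added example: audit collaborator access against role-based policies."""
from dataclasses import dataclass, field

# Constructed role policy: role -> set of (resource, action) pairs the role needs.
ROLE_POLICY = {
    "editor":   {("project-files", "read"), ("project-files", "write")},
    "reviewer": {("project-files", "read")},
    "billing":  {("invoices", "read"), ("invoices", "write")},
}

@dataclass
class Account:
    user: str
    role: str
    mfa_enabled: bool
    grants: set = field(default_factory=set)  # permissions actually assigned

def is_allowed(account, resource, action):
    """Deny by default: allow only what the role policy lists, and only with MFA."""
    allowed = ROLE_POLICY.get(account.role, set())
    return account.mfa_enabled and (resource, action) in allowed

def audit(accounts):
    """Return findings as (user, issue, detail) tuples, sorted for stable output."""
    findings = []
    for acct in accounts:
        if acct.role not in ROLE_POLICY:
            findings.append((acct.user, "unknown-role", acct.role))
        if not acct.mfa_enabled:
            findings.append((acct.user, "mfa-disabled", ""))
        # Least privilege: anything granted beyond the role's policy is excess.
        excess = acct.grants - ROLE_POLICY.get(acct.role, set())
        for resource, action in sorted(excess):
            findings.append((acct.user, "excess-grant", f"{resource}:{action}"))
    return sorted(findings)

# Constructed sample accounts (not real users).
ACCOUNTS = [
    Account("alice", "editor", True, {("project-files", "read"), ("project-files", "write")}),
    Account("bob", "reviewer", False, {("project-files", "read"), ("project-files", "write")}),
    Account("carol", "contractor", True, {("invoices", "read")}),
]

if __name__ == "__main__":
    for user, issue, detail in audit(ACCOUNTS):
        print(f"{user}: {issue} {detail}".rstrip())
```

Running the audit on a schedule surfaces grants that have drifted beyond a collaborator's role, as well as accounts that still lack MFA.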



Strong encryption

Strong encryption such as Advanced Encryption Standard (AES) is a must when working remotely and transferring data to other remote workers and locations. That’s because even if your other measures fail and your system is breached, strong encryption ensures hackers won’t be able to read the data.


And although hackers can (and do) break cryptography using various methods such as ciphertext attacks, cracking those codes takes a lot of work and know-how. Unless the hacker is coming after you and your work specifically, it’s likely they’ll just move on to a softer target.

Always keep your files encrypted while at rest (and in flight during data transfers). Most data breaches come down to human error, not Enigma-style code breaking.











            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.