Each time an employee connects to the corporate network from home, they create a new access point that can often be exploited. What can companies do to protect the remote use of these corporate credentials? Windows Active Directory (AD) is still the main identity and access platform used by companies all around the world. “In fact, 95% of Fortune 1000 companies use it,” points out François Amigorena, founder and CEO of IS Decisions. “Keeping that in mind, if you want to secure your remote workers, you are likely going to need to secure the remote use of AD logins.”

With the coronavirus outbreak, new phishing email campaigns are a constant concern. “Like the disease itself, the cybercriminals are targeting the most vulnerable – your new remote employees. Public fear is the perfect opportunity for them to attract their victims with links or document downloads of safety recommendations and infection maps. Now more than ever, the probability of employees clicking on a link or opening an attachment is high, and hackers know it,” he adds.

In such times, a poor security of Active Directory logins can put your business at risk. The threat surface is now bigger than ever, considering that most companies have been forced to work from home. “Most of them didn’t even have time to prepare for remote working which increases the risk even more,” states Amigorena. “They just rushed to allow Microsoft remote desktop (RDP) access, in order to let employees access desktop resources without having to be physically in the office. The focus has been the continuation of operations, leaving little attention for information security.”

To help minimise the risk of remote working, he advises:

• Have a clear equipment policy for remote workers: as much as possible, use the devices available, secured and controlled by your company. If you can’t do that, you have to give clear usage and security rules and guidance to your remote employees
• Make sure to secure external access: the best way is by using a VPN (Virtual Private Network). To be even more secure, you can limit VPN access only to devices authorised by the company. This is a great way to strengthen your security. If an attacker tries to login from an ‘unauthorised’ device, connection must be denied
• Establish a strong password policy: to be secure, passwords have to be long enough, complex and unique. To address the vulnerabilities of passwords, you can enable two-factor authentication on your remote sessions, especially for logins to the corporate network
• Have a strict security update policy: as soon as a security update is available, you need to deploy it on all device on your network. Attackers can quickly exploit those vulnerabilities
• Ensure regular backup of data and activities: backup is important. If your organisation gets attacked, it might be the only way to recover your data. You have to perform backups regularly and test them to be sure they are working
• Install professional antiviral solutions: antiviral solutions protect your company from most common viral attacks, but not only. They also sometimes protect from phishing or from some ransomware attacks.