What are the risks associated with remote working?
As well as your own workforce accessing systems and data remotely, you may also have suppliers, customers and other third-parties using your remote working solutions. If on-premise systems are being accessed through remote access mechanisms like VPNs, these tunnels can provide potential routes into your internal systems for attackers if not correctly configured. Web portals or cloud-based solutions can become a source of data breaches if account passwords are disclosed and other controls aren’t in place.
Along with the threat of ransomware, the complexities of making remote working safe is one of the key information security challenges facing businesses today.
How can I protect my business?
There are many ways to support a remote workforce. Our remote working defence audit begins with building an understanding of how your remote workers operate and the tools they use. We then audit the configurations of any key components to make sure controls such as authentication and authorisation, encryption, and access are properly implemented to protect you from attack.
We can also employ a scenario-based assessment of your solutions to answer key questions for your business. For example, if a remote worker’s username and password were compromised, what might the impact be? Or, what would happen if a remote worker’s laptop was lost or stolen? If several solutions have been integrated, are there gaps in coverage or controls that you’ve not considered, and are your security assumptions valid?
A path to protection
We’ll help you understand how secure your remote working solutions are, and what additional steps you should take to improve resilience. Our advice will help you operate securely, wherever your workforce is located.
We’ll give you a clear picture of the threats and attack paths that your remote working provisions might be subjected to.
We’ll help you answer important questions for your business about what might happen in various scenarios, and what you can do to minimise the risk.
How we work
The Cyberis way
We don’t recommend impossible fixes. If our first-choice recommendation isn’t practical, we’ll work with you to identify alternative ways we can reduce the risk to your brand and data. Our reports are tailored to your business and clearly outline how security risks translate to business risk.
Reassuringly clear answers
Our reports are clear and our advice is actionable, so you can prioritise fixes easily. However, we can provide additional support in this area if needed. We’ll identify quick wins and establish roadmaps for longer-term fixes – so you can focus on making the improvements.
Diverse experience for tailored solutions
We have experience working with a huge range of different remote working setups. These include traditional on-premise environments accessed via traditional VPNs on virtualised desktop platforms such as Citrix, full zero-trust cloud deployments, and on-demand cloud desktops. Whatever your remote working situation, we have the experience to help.
Accredited by the best
We’re fully accredited to provide a range of information security services.
Our remote working defence audit is designed to provide clear and actionable advice around your remote working solutions.
Our services are covered by our ISO9001 Quality Management System and our ISO27001 Information Security Management System.
Our project office keep things simple, scheduling convenient dates, putting you in touch with your lead consultant, and making everything run smoothly from day one.
Our rigorous penetration testing assesses all areas of potential vulnerability across infrastructure, web applications, corporate networks and cloud deployments, mobile apps and web services.
Ransomware Defence Audit
Our ransomware defence audit is designed to help you understand how you can stand up to an attempted ransomware attack, and what you need to do to improve your resilience.
We provide Cyber Essentials and Cyber Essentials Plus Services in line with the IASME Cyber Essentials Assurance Scheme.