Remote Hosted Desktops and Security – How to Protect Yourself and your Data

With so many people working at home, remote hosted desktops are particularly useful. They can allow an employee to access everything they could in the office smoothly. However, they are also open to potential abuse, and vulnerabilities in remote desktop protocols are significant and growing.

Here are some tips on how to protect yourself when you have employees using remote desktops:

Limit Devices

The best practice for remote desktop is to issue the employee a company-owned laptop and allow only that device access to the remote desktop. This means you control the security software on the laptop and can prevent employees from installing personal software that might cause problems. You can also use this as an extra layer of security by enforcing a password on the device.

In general, users can be easily discouraged from using phones and tablets for remote desktop specifically, as it seldom works well and they have alternative methods for things like quick email checks.

You can also restrict access to only locations where your employees are likely to be. Locking to specific IPs is possible, but can cause problems; for example, even if your employee only ever works from their home, rebooting their network router will change their computer’s IP and lock them out. However, you can restrict by geography, disallowing connections from overseas.

Control User Permissions

Many companies are careless about granting permissions to users, and give employees carte blanche access. Compartmentalizing user permissions and allowing them access only to the files they actually need can go a long way towards ensuring that a hacker can’t get to all of your data from one compromised account.

Obviously you need to make sure you don’t negatively impact productivity, but making HR files read only, for example, can be useful in protecting from malicious actors.

Enable Two-Factor Authentication

Two-factor authentication is good practice for all accounts. One good way is to use token-generating software that texts a code to the employee’s cell phone. These codes can only be used once, so are unlikely to be compromised.

You should also limit login attempts so as to prevent brute force attacks and encourage the use of good password hygiene. Passphrases are better than passwords as they are easier to remember.

Monitor Suspicious Activity

One concern with remote work is that supervisors can no longer do random checks on employees in their offices or cubicles. However, it is possible to keep at least a basic check on odd behavior. Obviously, you should not micromanage people, which reduces engagement and productivity. Things you can monitor, though, include connection attempts from odd locations or at times when the employee concerned does not normally work. VPN systems can generally spot unusually high network activity, which can also be a red flag.
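The check described above, for odd locations and unusual hours, can be sketched as a small log review script. This is an added example, not code from the original article; the log format, field names, user names and per-user baseline are all assumptions constructed for illustration.

```python
from datetime import datetime

# Constructed sample connection log (hypothetical format, not from any real product).
SAMPLE_LOG = """\
2020-06-01T14:05:11Z user=alice country=US result=success
2020-06-01T03:12:40Z user=alice country=US result=success
2020-06-02T15:30:02Z user=bob country=RO result=failure
2020-06-02T15:31:10Z user=bob country=US result=success
2020-06-03T13:00:00Z user=carol country=US result=success
"""

# Assumed per-user baseline: expected countries and usual working hours (UTC, end exclusive).
BASELINE = {
    "alice": {"countries": {"US"}, "hours": (12, 22)},
    "bob": {"countries": {"US"}, "hours": (12, 22)},
}

def parse_line(line):
    """Split one log line into a timestamp and its key=value fields."""
    stamp, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    fields["time"] = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
    return fields

def review(log_text, baseline):
    """Return (timestamp, user, reasons) for each connection attempt worth a look."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        profile = baseline.get(ev["user"])
        reasons = []
        if profile is None:
            reasons.append("no baseline for user")
        else:
            if ev["country"] not in profile["countries"]:
                reasons.append("unexpected country " + ev["country"])
            start, end = profile["hours"]
            if not start <= ev["time"].hour < end:
                reasons.append("outside usual hours")
        if reasons:
            findings.append((ev["time"].isoformat(), ev["user"], reasons))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG, BASELINE):
        print(finding)
```

Accounts with no baseline are reported rather than skipped, so a newly created or forgotten account that starts connecting still shows up for review.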

Use Encryption

Requiring files to be encrypted during remote work can improve security on top of using a VPN. The files cannot be read in transit even if an employee forgets to connect their VPN or turns it off because the system is so slow they are unable to work, both of which have been known to happen.

Use AES 128 and/or AES 256 as the gold standard to protect your data.

Choose a Good Provider

Finally, make sure that the provider handling your servers is using up-to-date security methods. Ask about firewalls and rolling or incremental backups. Also make sure they have a good record in terms of uptime; it’s even harder for remote workers to continue to operate when the network is down, and if they are using a virtual desktop they may not be able to access any of their files or store anything locally.

If you have employees using remote hosted desktop or similar protocols and need advice on how to keep things secure, protect your data, and sustain productivity, contact Bluwater Technologies today.

What Business Owners Should Know About the Twitter #DataBreach

Trending with the #DataBreach

One of the scariest things for business owners to see trending is the word #DataBreach. Over the past few days, Twitter has come forward to apologize for a significant data breach that occurred as a result of a nonsecure browser cache displaying sensitive user information. Although it remains unclear just how many businesses were affected, the compromise is believed to have impacted a large number of companies who utilize the platform for marketing and SEO.

If you were one of the thousands of business owners who received an email from Twitter apologizing for the breach — or if you’ve simply seen the hot topic trending on your dash — you may be anxious to learn the details and understand what you can do to prevent future vulnerabilities. 

Take a deep breath. #DataSecuritySolutions is always trending with Bluwater Technologies.

What Happened?

The core vulnerability responsible for Twitter’s security compromise lies in the way the app and website store user information. A browser cache allows platforms to remember details about a user and create key analytics. It relies on the process of saving temporary data, such as passwords and credit card information, so the website or app does not need to download this information each time. This allows the website or app to load faster while keeping us connected with our various clients, contacts, and social media platforms.

Unfortunately, Twitter discovered that the confidential billing information of many of its business accounts had been erroneously stored in the browser’s cache. This made the sensitive information visible to potential cyber criminals. Although no exploits have been confirmed, Twitter acknowledged that it was “possible” outside parties could access and view this information.

So what information was exposed? According to the official statement, email addresses, phone numbers and the last four digits of clients’ credit card numbers were the key pieces of data that may have been compromised. 

Who Was Affected?

As previously stated, Twitter has yet to give an official estimate on how many businesses were affected.

This isn’t the first time the tech giant has had issues with data security. In 2018, a site-wide bug affected some 330 million users and compromised the password credentials of all business users involved. If this benchmark is any guide, it’s likely that the current data breach has impacted a broad range of clients.

Non-Twitter users are not thought to be affected. As of May 20th, 2020, the caching issue has been resolved.

What Now?

While news of leaked information is no doubt a terrifying prospect, there’s no need to panic just yet. Modern businesses are more connected than ever through the collaborative powers of social media. That means business owners must prioritize internet security in an increasingly digital world in order to meet the needs of today’s compliance standards.

If your business was affected by the breach, take a moment to review your system information for any indications of a hack. It’s a good idea to call in the professionals and utilize the knowledge of a trained IT consultant to identify any potential threats or vulnerabilities. Ensure all passwords are changed and updated (sentence-form passwords are best). If your company has suffered a data loss or been the victim of malicious ransomware attempts, don’t give in to cyber criminals just yet. Backup and disaster recovery options are available for small and mid-sized businesses.

Once you’ve assessed the damage and come out on top, consider proactive ways to prevent cyber attacks moving forward. Always clear your browser cache at the end of each day or set your browser to automatically clear so that stored information is not visible. Ask your IT consultant about curating how your information is transmitted online. VPNs (virtual private networks) are a great option for masking and securing your online identity. A robust firewall and a comprehensive network and data security system are the best way to stop cyber criminals in their tracks and protect your valuable information.

Ask our Fort Lauderdale experts for more helpful tips and strategies for making your business #unbreakable.