Best practices for remote desktop access

Remote desktop access is essential these days, when businesses are expected to be responsive to their clients almost 24/7. Moreover, the practice has surged with the coronavirus pandemic. But did you know that remote desktop access, while almost indispensable now, can threaten your network security? In this post, we discuss a few best practices that you should follow for safe remote desktop access.

Have your basics in place

Make sure your security basics are covered. Your systems should be protected by current firewalls and anti-malware software, and kept up to date with all security patches and software upgrades. Another item on this list is passwords. Make sure you are following good password hygiene, such as no password sharing, setting secure passwords, not repeating passwords, etc.

Train your employees

Train the employees who will be accessing your network via remote desktop connections to identify cybersecurity threats and steer clear of them. Educate them to identify phishing links, clone sites, dubious attachments, etc.

Use multi-factor authentication

Multi-factor authentication adds a layer of security and is especially important for remote desktop authorization. It works by confirming the identity of the user across 3 areas: what they know, what they have and who they are. User IDs, passwords, secret questions, date of birth, etc., fall in the first category (what they know), while OTPs sent to their smartphone, a physical token or an access card belong to the second category (what they have), and the third category (who they are) includes biometric authentication such as retina scan, fingerprint or voice recognition.

Limit access wherever possible by deploying Cloud solutions

To a certain extent, the Cloud is a good, and more secure, alternative to remote desktops. So you can opt for a Cloud-based setup wherever possible and limit remote desktop access to those who absolutely need it.

Formulating and implementing a remote desktop security strategy is tedious, but necessary. You can ask your MSP to assist you with the implementation. An MSP who is well versed in cybersecurity measures will be able to do this for you. At the same time, don’t forget to inquire about possible Cloud-based alternatives to remote desktop access.

Five reasons to invest in a password management system ASAP

Password management tools are software programs that put enough security and safety mechanisms in place to ensure there’s no password breach.

Your employees can use the program to generate random, high-security passwords as per the industry best practices. They don’t have to worry about remembering them either, because these tools have built-in mechanisms to store the passwords securely and retrieve them automatically when needed.

All passwords are encrypted and stored privately, so no one other than the authorized user has access to their passwords.

It takes care of timely password update reminders and password reset, so you don’t have to worry about them.

Password management tools make it easy for you to enforce role-based access permissions. For example, a data entry executive may be able to enter data into the sheet only once, and may need authentication from the manager to edit the data, or only someone at the managerial level may be allowed to make edits to the data.

Some password management tools support multi-factor authentication, thus helping you make this important security feature a part of your data security process.

Password management tools also offer administrators and managers a full view of the log-ins and generate detailed access reports. You will know which user logged in, at what time, using which device. Some password management tools can send alerts when there’s a log-in from devices, networks or locations that are unusual.
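The unusual log-in alert described above can be pictured as a per-user baseline of known devices and networks. The following is an added example, not code from any particular password management tool; the log format, field names and the three-log-in baseline are assumptions, and the sample records are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample access report (not real data): user, time, device, network.
ACCESS_LOG = """user,time,device,network
alice,2024-03-01T09:02,laptop-A1,office-lan
alice,2024-03-02T09:10,laptop-A1,office-lan
alice,2024-03-03T08:55,laptop-A1,home-isp
bob,2024-03-01T10:00,desktop-B7,office-lan
bob,2024-03-02T10:05,desktop-B7,office-lan
bob,2024-03-03T10:01,desktop-B7,office-lan
alice,2024-03-04T09:01,laptop-A1,office-lan
alice,2024-03-05T03:14,phone-X9,hotel-wifi
bob,2024-03-05T10:02,desktop-B7,home-isp
alice,2024-03-06T09:00,laptop-A1,home-isp
"""

BASELINE_LOGINS = 3  # assumption: a user's first 3 log-ins define "usual"
FIELDS = ("device", "network")

def unusual_logins(log_text, baseline=BASELINE_LOGINS):
    """Return (user, time, reasons) for log-ins from unseen devices or networks."""
    seen = defaultdict(lambda: {field: set() for field in FIELDS})
    count = defaultdict(int)
    alerts = []
    rows = sorted(csv.DictReader(io.StringIO(log_text)), key=lambda r: r["time"])
    for row in rows:
        user = row["user"]
        reasons = [f"new {field}: {row[field]}" for field in FIELDS
                   if row[field] not in seen[user][field]]
        if count[user] < baseline:
            # Still learning what is normal for this user.
            for field in FIELDS:
                seen[user][field].add(row[field])
        elif reasons:
            # Past the baseline: alert, and do not learn the new value, so the
            # same unknown device keeps alerting until someone approves it.
            alerts.append((user, row["time"], reasons))
        count[user] += 1
    return alerts

if __name__ == "__main__":
    for user, when, reasons in unusual_logins(ACCESS_LOG):
        print(f"ALERT {when} {user}: {', '.join(reasons)}")
```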

There are a variety of password management tools available in the market. While their basic function is the same–keeping your passwords secure, password management tools can offer you a lot more in terms of data security. Consult with an MSP who deals with cybersecurity as they can help you pick the password management tool that’s right for your business. But, remember, at the end of the day, there’s no substitute for good password hygiene, so no matter what tool you deploy, you still need to educate and train your employees to follow good cybersecurity practices.

Eight common password mistakes to avoid

Research points out that more than 80% of data breaches happen due to password hacking, meaning that poor password hygiene is responsible for a majority of cybercrimes that follow data breaches. To make better sense of this statistic, let’s first look at what constitutes poor password hygiene.

Using simple passwords

Often, passwords that are easy to remember are also easy to hack. Do you use passwords such as password, password1234, delta123, etc.? If yes, then you should change them at the earliest to something less obvious.

Repeating passwords across platforms

As another solution for remembering passwords, people tend to use one single password universally. This dilutes the password even if it is a strong one. Plus, there’s always the risk of the password being hacked at one place and putting the data stored at all other places at risk as well.

Unauthorized password sharing

Unauthorized password sharing for the sake of getting things done faster is a very real problem. For example, someone is on leave and someone else needs access to a particular file from their computer. The employee who is on leave shares the password and that can result in a security compromise.

Writing down passwords

This is the most obvious, yet oft-made, password mistake. Just so they don’t forget their passwords, people tend to write them down on a piece of paper or in a diary, or sometimes store them on their phone. You know what can follow if the piece of paper, the diary or the phone is stolen. The same goes for storing passwords in email if the email server is compromised.

Not revoking access on time

Cases where ex-employees’ log-in credentials were used to hijack company data are not unusual. When companies forget to revoke the access of employees as they move out of the department or organization, they leave open a gaping cybersecurity hole that is easy to take advantage of.

Not updating passwords

Using the same password for years or even months can be risky. Passwords should be changed every 3 months and perhaps even sooner for critical applications.

Single factor authentication

For the more critical areas, multi-factor authentication must be deployed. Relying on a password alone is a huge cybersecurity risk. Multi-factor authentication includes tokens, biometric authentication, OTPs, etc., which make it very difficult to hack into the application.

These are some of the basic password mistakes that almost everyone is guilty of at some point. You can prevent these from happening in your organization by educating your staff about them and training them well to cultivate good password hygiene.
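Several of the mistakes above can be checked automatically against an account inventory. The following is an added example, not part of the original post: it flags simple passwords at the time they are set, access that was not revoked, passwords older than the 3 months mentioned above, and critical systems left on single-factor authentication. The record fields, the word list and the 12-character minimum are assumptions, and the sample accounts are constructed.

```python
import re
from datetime import date

MAX_AGE_DAYS = 90  # the post's "every 3 months"
MIN_LENGTH = 12    # assumption: minimum acceptable length
COMMON_WORDS = {"password", "delta", "welcome", "admin", "qwerty", "letmein"}  # constructed

# Constructed account inventory (not real data).
ACCOUNTS = [
    {"user": "alice", "system": "crm", "last_changed": date(2024, 4, 15),
     "mfa": True, "critical": True, "employed": True, "enabled": True},
    {"user": "bob", "system": "payroll", "last_changed": date(2023, 11, 1),
     "mfa": False, "critical": True, "employed": True, "enabled": True},
    {"user": "carol", "system": "fileshare", "last_changed": date(2024, 5, 20),
     "mfa": True, "critical": False, "employed": False, "enabled": True},
    {"user": "dave", "system": "wiki", "last_changed": date(2024, 1, 1),
     "mfa": False, "critical": False, "employed": False, "enabled": False},
]

def is_simple(password):
    """True for short passwords or a common word plus trailing digits/symbols."""
    stem = re.sub(r"[\d\W_]+$", "", password.lower())
    return len(password) < MIN_LENGTH or stem in COMMON_WORDS

def audit(accounts, today):
    """Return {(user, system): [findings]} for accounts that break a rule."""
    report = {}
    for acct in accounts:
        findings = []
        if acct["enabled"] and not acct["employed"]:
            findings.append("access not revoked")
        if acct["enabled"]:
            age = (today - acct["last_changed"]).days
            if age > MAX_AGE_DAYS:
                findings.append(f"password {age} days old")
            if acct["critical"] and not acct["mfa"]:
                findings.append("single-factor on critical system")
        if findings:
            report[(acct["user"], acct["system"])] = findings
    return report

if __name__ == "__main__":
    for key, findings in audit(ACCOUNTS, date(2024, 6, 1)).items():
        print(key, findings)
```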

How to manage cookies effectively so they are not a threat to your data

Avoid third-party cookies: Third-party cookies are primarily used for online advertising and retargeting, so you won’t miss anything significant by avoiding these cookies. So, whenever you see a cookie alert on any site, first, check if it is for third-party cookies and if yes, it’s best to ‘Not accept cookies’. As a business, don’t allow third-party cookies on your site.

Secure sites: Make sure the sites you visit are secure (HTTPS) and have a valid SSL (Secure Sockets Layer) certificate. The SSL certificate ensures that any data that’s exchanged is encrypted in transit, meaning that even if hackers intercept the cookies, the information will be garbled, preventing data leakage. As a business, make sure your site is secure and has a valid SSL certificate.

Anti-malware software and security patches: Install anti-malware software on your computers and make sure it is up to date. Install security plug-ins and patches as soon as they are available, without delay. Do not use outdated software or operating systems for which support and security upgrades have been discontinued. Cybercrime modus operandi evolves at a rapid pace, and an outdated cybersecurity setup will do you no good.

Invest in a good password manager tool: One of the reasons people tend to store passwords and other sensitive information online, which involves the use of cookies, is that they have a tough time remembering passwords. A good password management system provides you with a safe and secure alternative.

Educate your staff: Train your staff to identify and steer clear of basic cybersecurity risks such as

  1. Phishing links
  2. Clone websites
  3. Using public Wi-Fi
  4. Poor password hygiene
  5. Unverified app downloads, etc.

IT Policy: Establish a solid IT policy that spells out the dos and don’ts for your staff to follow in the office and also when accessing work data remotely.

If all of this feels overwhelming on top of running a business, it makes good sense to bring an MSP onboard who can take care of not just the Cookie monster but also of your entire IT security setup.