Many employees currently have to work from home. In addition to data protection considerations, secure access to the corporate network is a prerequisite for a secure home office. Secure options include VPN connections, remote maintenance with tools like Teamviewer, or moving data to the cloud. It is insecure to send Word and Excel documents via e-mail or to access the company network directly with Remote Desktop.
What should you not do under any circumstances?
There are three common mistakes when working from home.
Direct access to company computers with Remote Desktop (RDP)
RDP is one of the most important gateways for malware. If direct access to company computers is allowed with RDP, there are many opportunities for hackers and malware to exploit this.
Direct access is like a hole in the firewall that allows an attacker to directly attack the server.
It is OK and reasonable to use RDP for remote access, but only if access is secured via a VPN or an online portal that manages access.
Under all circumstances, you should avoid starting the remote desktop connection on the home computer and using the IP address or a DNS name to get directly into the corporate network.
Only if you establish a VPN connection beforehand is access secure.
Sending Word and Excel documents by mail
Especially in the case of unplanned (not prepared by the circumstances) home work, often the Word and Excel documents needed for the work are sent home by mail. This is problematic for several reasons.
- The documents then lie unprotected in the private mailbox and can be more easily abused by malware from there.
- It is generally not advisable to send Word and Excel documents by e-mail. Documents as email attachments are the most common gateway for malware. If documents are regularly sent by e-mail, it is easier for a “dangerous” document not to be recognized as such, thus activating malware.
- It’s also easy to lose track of which document is current when documents are emailed and used by multiple employees.
If documents need to be shared, a cloud service like Microsoft OneDrive or Dropbox is better than email attachments.
Remote access with Teamviewer and insecure password
If no VPN is available, you can access your network with remote maintenance software like Teamviewer.
With Teamviewer, the password is your protection against unauthorized access. You should note that you will not use a four-digit password as suggested by old Teamviewer versions.
The “new” passwords with six digits of numbers and letters provide more security.
How to access the corporate network securely from home?
VPN connections (Virtual Private Network)
A VPN is like a tunnel through the Internet, through which data is transferred securely.
Once the home user has started the VPN, it is as if they were sitting right there in the company.
Access to network drives in the company or to company computers is also secure in this way.
Remote access with Teamviewer
Teamviewer or other remote maintenance tools are “sufficiently” secure for accessing the company computer from home.
Be sure to share your Teamviewer ID only with people you know (like your IT support). Your password should consist of at least 6 digits of numbers and letters. It is better to use a random password suggested by Teamviewer than to assign a simple one (e.g. “Max123”) yourself.
Working in the cloud
An alternative to remote access to your company computer is to work completely online. Microsoft Office 365 and Microsoft Dynamics allows to work together on documents, CRM system or order management without accessing the corporate network.