As the whole world fights the Covid-19 pandemic, organisations are being forced to quickly adapt to new methods of working. Now that working remotely, with teams distributed across multiple geographic locations and time zones, has become the new normal, keeping data and cloud deployments secure has become more challenging.
Many companies are trying to identify and implement best practices to maintain the security posture of their cloud assets while enabling more remote workers to access them. Organisations that had not already put provisions in place to facilitate home working have been left with no other choice but to migrate their workloads to the cloud in a very short period of time, which brings a new and different dimension to the human and operational challenges that businesses face.
Below are some of the common scenarios and best practices to help you prioritise the actions you may need to take.
Multi Factor Authentication:
Have you enabled at least two-factor authentication to secure your remote systems from? To help safeguard access to data and applications, multi-factor authentication (MFA) provides an additional layer of security. Your MFA roll-out plan should include a pilot deployment followed by deployment waves that are within your support capacity. Begin your roll-out by applying your Conditional Access policies to a small group of pilot users.
Protect user devices:
To reduce the chances of a malware infection on personal and corporate devices, use security software. Organisations must also keep applications updated, so activate automatic updates from software makers or use a patch-management tool such as Windows Intune, which helps protect devices and your corporate data with tools like security baselines, Azure AD conditional access, and partners for Mobile Threat Defence. Once Intune is configured, we can build controls around it with multi-factor authentication and conditional access policies for unknown devices or untrusted networks.
Secure RDP or SSH:
Some users might need remote access via RDP or SSH to servers that are in your cloud infrastructure. In Azure, instead of allowing full 24 x 7 access to those servers, ensure that you are using Just-In-Time (JIT) VM access. You can also consider the Azure Bastion service, a platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines do not need a public IP address. In AWS, you can use AWS Secrets Manager to securely store and rotate SSH key pairs.
Have you set up monitoring for remote users through audit logs and transactional logs? With the increased load and usage from so many people working remotely, service monitoring has proven crucial to making sure everything is operating as it should.