Remote Workforce Preparation

Remote Workforce Preparation

Cloud disaster planning Education mobile Office 365

Coronavirus (COVID-19) has started to spread throughout the country and health officials are starting to announce recommendations that in certain areas employees stay home for two weeks. Is your organization ready to have a remote workforce?

Scenario 1 –  Local File Server / Local Applications

If your business has a local file server (e.g., network drive ) or you use desktop based applications then you will need a way to access your company computer remotely. Options include services such as Teamviewer ($50/month or free for individual), Logmein ($30/month), or GoToMyPC ($35).

Your company may offer other remote access methods such as a VPN so please consult with your IT department first.

Scenario 2:  Cloud based file service + Web based Apps

If your business has its files stored in SharePoint, Google Docs, Dropbox, ShareFile, Box.com, or other cloud service AND your business applications are web based (e.g., you run everything from inside a web browser) then you are ready for a remote workforce. With Microsoft Office 365 you may access everything via a web interface at https://office.com. Other services may require a locally installed software agent.

Other Considerations

  • Does your phone system support forwarding calls outside of the office to employee home or mobile phones?
  • If your employees will be using their personal computers there are security issues to consider such as ensuring laptops are encrypted, devices are password protected, and anti-malware is installed.
  • Will your IT department be able to provide support on personal devices? If so, what are the parameters?
  • Update your website to reflect changes in hours or modifications of services.
  • Employee contact information contains home or mobile numbers (for internal use only).
  • Paperwork normally filled out onsite (e.g., intake forms, new member information, etc.) should be made available remotely.
    • Convert documents to PDF before making public. Do not share Word documents.
    • Items converted to forms on websites should be tested to make sure they are secure.
  • If using a self hosted remote access service, or utilizing VPNs, can your current Internet bandwidth support the additional inbound usage?

Conclusion

As they say. hope for the best but prepare for the worst. If you are interested in our managed remote desktop service or moving your office to the cloud please contact Wireguided at support@wireguided.com.

For more information about the Coronavirus visit the official CDC website

Is Your Email Hacked?

Is Your Email Hacked?

Cloud Office 365 Security

Office 365 has become a big target for hackers due to it being used by thousands of businesses. We have seen an increase over the past few years of Man-in-the-Middle (MitM) attack attempts on our clients. In these types of security breaches the bad guys monitor hacked accounts (sometimes for months) looking for an opportunity to impersonate the real account user. Examples of the devastating outcomes of such attacks can be found HERE, HERE, HERE, and HERE

If you have Office 365 you can use the below steps to do a quick check to see if you have any of the common signs of a MitM attack. Other email services will have similar menu options.

Remember, it is always good practice to change your password at regular intervals throughout the year. Just make sure your password is secure.


Check Your Account

Go to http://outlook.office.com and sign in with your Office 365 credentials.

Step 1 – Click on the gear icon in upper right.

Step 2 – Click on the gear icon in upper right and then View all Outlook settings.

Step 3 – Select Mail

Step 4 – Select Rules. If you see any rules that you did not set up notify your IT department. A common rule that hackers use are moving items from your inbox to other folders such as Archive, Trash, and Junk. If you make any changes make sure to save them.

Step 5 – Select Forwarding. If you see mail going to an unknown email address that is a good sign your account has been compromised. If you make any changes make sure to save them.


Every attack profile is different and even if your account looks good always assume the treat is there. Your IT department can help minimize the risk through a combination of user training, Office 365 settings, and standard security software. Wireguided is always here to assist your organization in all matters of security. Our services include anti-phishing training, incident response, disaster recovery, and security infrastructure design.

-Tim

Office 365 Phishing Examples

Office 365 Phishing Examples

Office 365 Security

[UPDATED: 09/03/2020]

The bad guys have been targeting Microsoft Office 365 users lately with multiple phishing attacks. Below is a sample of what to be on the lookout for. I would recommend sending this article to your employees to improve security awareness.

Red flags

  • “From” email address is not a Microsoft address. Even if it does show a Microsoft address it could be spoofed.
  • It’s addressed to a generic person such as “Client” and not the recipient by name.
  • It doesn’t look polished as you would expect an email from Microsoft to be.
  • Sent with High Importance.
  • It contains an attachment. Microsoft will never send you an email with an attachment.
  • Involves a threat of data loss.
  • English may not be proper.
  • If you move your mouse on top of a link in the email without clicking in Outlook it will show where the link really goes (to the attacker’s web site).

I have highlighted these red flags in the samples below.

Sample Microsoft Office 365 Phishing Emails

 

 


 

 











-Tim