How CIS Can Help Teleworkers Improve their Cyber Defenses
As the COVID-19 pandemic is forcing more and more companies to adjust their work schedules and move to telework environments, CIS remains committed to keeping our CIS SecureSuite Members secure on the home front. Our commitment to protecting the global IT community is stronger than ever, even amidst concerns that cybercriminals are searching out ways to exploit the disruptions caused by the coronavirus (Cyber Threat Actors Expected to Leverage Coronavirus Outbreak).
Easing into the telework transition
During these trying times, CIS offers 5 Network Security Remedies for Telework to help ease the transition from on-prem to remote work:
- Practice smart password management and enable two-factor authentication
- Enable automatic updates for all routers and modems
- Turn off WPS and UPnP
- Turn on WPA2 or WPA3
- Configure the router/modem firewall
The CIS Controls Telework and Small Office Network Security Guide helps combat security concerns affecting home and personal network equipment use; it provides an easy checklist so employees working from home can assess their networks, and return to their IT department for review.
CIS resources to enhance cyber defenses at home
CIS offers other resources that your organization can use to help with the transition to a remote workforce model:
CIS Controls Telework and Small Office Network Security Guide: This Guide is meant to assist individuals and organizations in securing commodity routers, modems, and other network devices. Securing these devices is important as there are serious cybersecurity considerations surrounding the usage of network devices.
5 Network Security Remedies for Telework: Five high impact actions that can be taken by employees to immediately improve the security of their home networks.
11 Cyber Defense Tips to Stay Secure at Work and Home: The line between our on- and off-line lives is shifting as technologies bring the internet into our workplaces, homes, and everywhere in between. IoT devices, cloud storage, multi-factor authentication…there’s a lot to understand. Here are 11 cyber defense tips for securing your digital systems and data.
How 4 of the CIS Controls Can Help Secure Your Home Network: This blog post highlights what steps to take and the CIS Controls that should be implemented to practice cyber safety at home.
CIS Controls Cloud Companion Guide: In this document, we provide guidance on how to apply the security best practices found in CIS Controls Version 7 to any cloud environment from the consumer/customer perspective. For each top-level CIS Control, there is a brief discussion of how to interpret and apply the CIS Control in such environments, along with any unique considerations or differences from common IT environments.
CIS Controls Microsoft Windows 10 Cyber Hygiene Guide: This guide provides detailed information on how to accomplish each of the CIS Sub-Controls within Implementation Group 1 (IG1). This guide builds upon the best practices established via the CIS Controls® V7.1. Where possible, the document provides step-by-step guidance on how organizations utilizing the Microsoft Windows operating system and supporting platforms can meet applicable sub-controls and improve their cyber hygiene.
CIS Controls SME Companion Guide: This guide seeks to empower the owners of small and medium-sized enterprises (SMEs) to help them protect their businesses with a small number of high priority actions based on the CIS Controls – a comprehensive set of cybersecurity best practices developed by IT experts that address the most common threats and vulnerabilities.
CIS Videoconferencing Security Guide: This document provides overall security guidance to mitigate common attacks that can occur over videoconferencing systems, such as Meeting Bombing, Malicious Links in Chat, Stolen Links, and Host Privileges Transfer. Recommendations apply to a wide variety of videoconferencing systems such as Zoom, WebEx, Microsoft Teams, and BlueJeans.
CIS Zoom Benchmark: The CIS Benchmark for Zoom contains detailed security configuration recommendations for this videoconferencing platform.