"Depending on the organization's budget, there are various solutions for ensuring remote access security. One of them that should be used first is multi-factor authentication using one-time passwords or hardware tokens. If the organization is concerned about data leakage, then remote access should be integrated with DLP systems. If the organization does not have the opportunity to distribute laptops with pre-installed corporate software, antiviruses and security policies to all users, and users will log into the corporate network using home PCs, you should not neglect "sandboxes" in which files copied by users to the corporate environment will be "wrapped," recommends Danila Egorov. "You should also not forget about SIEM systems for analyzing logs, atypical user behavior and identifying deviations in software behavior. It would not be a bad idea to create a plan for training users in the basics of secure remote work and, perhaps, conduct an exam on understanding of the course completed, because secure remote work is not only software or hardware with which we try to close possible holes, but also appropriately trained users.”
"Today, protecting remote workstations," says Anton Lensky, "is bahrain mobile database protection, which ensures the construction of an encrypted (mandatory in accordance with the requirements of Russian legislation) tunnel from a remote computer to centralized services. Domestic cryptographic protection means that meet the requirements of Russian regulators were specially developed to ensure the confidentiality, integrity, and availability of restricted information during its processing, storage, and transmission outside the controlled zone."
Contraindicated remote work
For most companies, there are no contraindications for switching to remote work, Vyacheslav Logushev believes. It is only important to implement information security policies into business practice, strictly follow them, they should not be formal, paper, but really operational with strict control over compliance.