By Alex Rayter
Phoenix 2.0, Inc.

If you’ve ever been in a hotel room late at night working on a client deliverable, we understand each other. Those of us responsible for driving revenue understand that time kills all deals. That’s why there’s never a good time to lose productivity, especially because you can’t access your device, resources or data. In order to ensure sales teams stay productive in this new era of COVID-19 and WFH (Working From Home), it’s important to put some protections in place.

On-the-Go Security

Salespeople move around, even during COVID, so let’s start with best practices for being out on the road. Hotel and coffee shop WiFi is not secure and often a watering hole for bad guys. Having a secure mobile hotspot from one of the major carriers is critical to staying secure and productive.

Mobile Connectivity (both for WFH and on the road)

  • Turnup Time: 2-7 days + shipping
  • Rough Pricing: $25-50/user per month + device & activation ($100+)
  • Provided by: AT&T, Verizon, Sprint

As clients in manufacturing enter the middle market, they start to rely on ERP systems to run their business. Accessing these systems remotely can be risky if you, as the ingress point, are not secure. Your organization should either have a corporate firewall-based VPN solution in place (e.g. Cisco/Meraki, Fortinet) or use a personal VPN client, such as any of the below. This will keep the connection and data transmitted therein private.

Corporate Firewall or Citrix-based Systems, e.g. Cisco Meraki, Fortinet, Palo Alto (ask your corporate IT Dept. or contact Phoenix 2.0)

  • Price: Generally $3500-5k for HW, 3-year license and labor to install/configure

Personal VPN

Email Security is paramount. If the bad guys get into your email, they can lock you out of everything else, exfiltrate privileged information and trick your finance department into wiring out a lot of money. Turning on MFA (Multi-Factor Auth.) and Spam Filtering will go a very long way. Hopefully at this point, you’re using cloud-based corporate email (Office365, Gmail). Utilities such as MailProtector or ProofPoint are a great all-around solution; they even provide add-on services, such as easy email encryption. Price is nominal at $5-10 per user/mailbox per month.

Endpoint Protection (e.g. WebRoot, Sophos or similar) is now a catch-all term for NGAV (next-generation Anti-Virus) and Anti-Malware utilities. Following the principle of “Defense in Depth,” the next attack surface to secure is the actual device itself. Assuming that malicious traffic has gotten through because you clicked on something you shouldn’t have or gave up your credentials somewhere, there should be a layer of protection on the local machine to intercept the malware and prevent it from executing commands or installing malicious applications.

  • License: ~ $5-7 per user per month
  • Labor: ~30min-1hr. per machine/device

Device Encryption is essential. Being a road warrior means you’re subject to the same pitfalls that can befall anyone moving around with valuable property. If you forget your phone or laptop in a ride-share or a hotel room, you need to be sure that the data on that device will be extremely difficult to access. Disk encryption for laptop-based hard drives is available and built-in for free with professional versions of Windows or Mac operating systems: Bitlocker (PC) or FileVault (Mac).

  • Price: HW/license is free
  • Labor: ~1hr. per machine
    *Mobile Device Management utilities are very popular with corporate departments where users use a cell phone to access work related email or data. Ask us for information on MDM solutions.

Cyber Security at Home

Working from home? You should have Home ISP and network protection. Residential-grade Internet circuits and routers have no protection on them by default. Comcast, AT&T and most other large carriers have started to introduce business grade Internet services into the home, accompanied by new routers that have some security built into them. We have also been encouraging our clients to reimburse users for a second business-only internet connection and other accompanying accouterments (dual-monitors, ergonomic keyboard and mouse, etc.) that will allow employees to have a true WFH-Office setup. This includes not only equipment but also ergonomics:

Home setup recommendation: Commercial-grade home office firewall Meraki Z3 with Enterprise 3 year License.

  • HW & license: $450
  • Labor: ~2hrs.

Minimum requirement is to:

  • Upgrade home ISP router and firmware
  • Rename SSID/wireless network name
  • Change password and update security settings

Conferencing and Voice

Whether you use Zoom, Microsoft Teams or Webex, the specific platform isn’t a gating issue, but making sure you have adequate bandwidth to have an effective and pleasant conferencing experience is key. Being mindful of security and privacy settings in these apps is also very important.

Here are some tips to follow for a solid conferencing experience:

    1. For good voice and video quality, you need to maximize the bandwidth available for the conferencing app. Close all programs and browser tabs not in use when conferencing.
    2. Reboot your machine early, especially on Tuesday morning, test and be ready to go. Patch Tuesday is a weekly occurrence when Microsoft pushes out Windows updates and this reverberates across the whole tech industry, often with some bugs solved and new ones created as everyone tries to adjust interoperability of their SW and platforms with new Windows patches and updates.
    3. Make sure you’re using a robust and stable Internet connection.
    4. Check your security and privacy settings. Here is a helpful primer for Zoom.
    5. Voice/Contact Center/Soft-Phone
      • Cloud-based VoIP/Voice Services providers can do everything traditional PBX phone systems can and then some, whether you need a physical desk phone at home or not. You can now plug a physical desktop phone in at a remote location and it will broadcast your office number and function just like at the office (this feature is called “Teleworker”). Some of the other compelling features of modern VoIP-based services are:
        • Twinning – ringing your multiple voice devices at the same time and mirroring their functionality and the number/extension they broadcast when placing outbound calls.
        • FindMe/FollowMe – a programmable rule set to locate/alert you on your various devices and contact methods using a hunt group-type sequence: cell phone, desk phone, home phone, email, text, etc. Never miss a call from a prospective client again!
        • Contact Center – a call center-based queue for remote workers. Due to COVID, staffing a call center is not feasible. Many organizations that run Sales or Customer Service Departments can now allow their call center workers to work from home using voice services built inside a software platform.
      • Some of the vendors that excel at modern voice service offerings are: DialPad, TalkDesk, Jive, 8×8, Nextiva, Comcast Business VoiceEdge, etc. – ask us for a comparison chart based on your specific needs.

Security Awareness Training is an education process that teaches employees about cyber security. Topics include how to avoid phishing and other types of social engineering cyber attacks, spot potential malware, report security threats, follow company IT policies and adhere to any applicable data privacy and compliance regulations (GDPR, PCI, CCPA, HIPAA, etc.). During the coronavirus pandemic, 52% of IT departments list a lack of end-user security awareness as the weakest link in their overall posture. Here are some effective options for cyber security awareness training:

  • A vendor called Hook Security offers two types of options; these are typical of most vendors, although the price points differ.
    1. One month assessment (two phishing email campaigns and one report), $10 per email address.
    2. Psychological security training delivered monthly – monthly Phishing Testing and Security Awareness Training (12 months), $3 per email address per month.
    3. Here is a great free option that still offers very good baseline training.

We hope you find the above information helpful. This eight-step approach will ensure that your workers feel taken care of, are secure and productive. We would be happy to review the above as it relates to your organization. Please feel free to reach out to Phoenix 2.0.

Alex Rayter

Principal, Phoenix 2.0, Inc.
alex@p20inc.com

Alex Rayter is a founding Principal of Phoenix 2.0, a full-service IT Consulting and Management firm specializing in Managed IT and CyberSecurity, Technology Staffing and Strategic Projects. The firm’s motto is “IT without the drama.” In his spare time, Alex serves on a number of non-profit boards and is passionate about how technology can level the playing field and help transform societal issues.