{"id":45029,"date":"2020-03-31T15:26:59","date_gmt":"2020-03-31T21:26:59","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=resource&p=45029"},"modified":"2024-02-20T18:32:56","modified_gmt":"2024-02-20T23:32:56","slug":"working-from-home-jumpcloud-admin-guide","status":"publish","type":"resource","link":"https:\/\/jumpcloud.com\/resources\/working-from-home-jumpcloud-admin-guide","title":{"rendered":"Admin Guide to Supporting Work from Home with JumpCloud"},"content":{"rendered":"\n
Offices in prior decades were built primarily with an on-premises state of mind. In order to do work, you had to drive to the office, work on a desktop or stationary computer, and authenticate locally to your on-prem Active Directory\u00ae<\/sup> or LDAP server.<\/p>\n\n\n\n Beyond the fact it doesn\u2019t easily accommodate remote work, the on-prem model has other downsides, including forcing admins to manage multiple different passwords for applications and connect their users to WiFi via an unsecured passphrase like WPA2. As technology evolved, cloud applications, varying operating systems, and disparate resources became more common in the workplace, and they challenged the on-prem model as well. <\/p>\n\n\n\n Desktops evolved into laptops, installed versions of applications became web browser-based, and WiFi protocols evolved to become more secure. Offices, too, have started evolving to allow for work-from-home or multiple remote branch offices. <\/p>\n\n\n\n The JumpCloud\u00ae<\/sup> open directory platform<\/a> was built to allow employees to work remotely from home, on the go, or at a remote branch office. This is made possible with a 100% cloud-based directory and secure solutions for the various IT resources at your company\u2019s disposal. <\/p>\n\n\n\n When working in any IT environment, especially environments with remote workers, there are several things you should consider configuring and enforcing. This guidance applies whether you are using JumpCloud or not, so we\u2019ll go through this before going through JumpCloud-specific guidance.<\/p>\n\n\n\n Strong Password Policies: <\/strong><\/p>\n\n\n\n Different security compliance regulations may require different levels of password complexity. 
For example, section 8.x in the PCI DSS 3.2.1 compliance requirements<\/a> recommends the following list be enforced on passwords used in a secure environment: <\/p>\n\n\n\n It should be noted that you can always make these requirements stricter based on the security compliance and policies you want to enforce in your environment. Our advice has always been and continues to be to create long, strong passwords. Ideally, end users are creating a sentence or combining multiple words together for a long password (greater than 16 characters is always preferable, but note that Office 365 limits passwords to 16 characters).<\/p>\n\n\n\n Anti-Phishing Security Policies:<\/strong><\/p>\n\n\n\n In recent years, there has been an increasing number of attempted and successful attacks using phishing or spear-phishing. In 2017 alone, according to a PhishLabs report<\/a>, there was a 237% increase in SaaS app mimic attacks. Beyond that, phishing and pretexting were responsible for 93% of breaches in social attack incidents, Verizon found in one security study<\/a>. There are many ways bad actors can use social engineering, spam email, or URL redirection to get information out of your employees and into their own hands.<\/p>\n\n\n\n Ensure the safety of your users and your business by enforcing good security practices and taking measures against phishing and other cyberattacks. Create a policy that users must forward suspicious emails to your IT admins or security team, and remind them not to click suspicious emails or URLs. Manage your email with good spam filtering, and regularly check in with employees to assess whether they\u2019ve recently received phishing emails. Continually educate, train, and reinforce your employees\u2019 understanding of the dangers of phishing attacks and how to be secure.<\/p>\n\n\n\n You can also recommend that employees limit their social media use at work, including Facebook, Twitter, and LinkedIn. 
This reduces your attack vectors and helps in securing your employees\u2019 information and confidential corporate information.<\/p>\n\n\n\n To secure your employees\u2019 identities and thwart attempted phishing attacks, enable local user password resets on the system itself. You can train employees and create a workflow for easy password resets on the system locally, which helps encourage users to properly update passwords and automatically distrust any suspicious password-reset emails.<\/p>\n\n\n\n Beyond educating your employees about good anti-phishing practices<\/a> and requiring strong passwords, you can enforce multi-factor authentication, keep anti-virus software updated, and use only HTTPS.<\/p>\n\n\n\n System Security Policies: <\/strong><\/p>\n\n\n\n Locking down your employees\u2019 systems is as important as creating strong passwords for their user accounts. A few of the top policies generally recommended to enforce include: <\/p>\n\n\n\nGeneral Security Best Practices<\/h2>\n\n\n\n