WORKING REMOTELY AND ACCESS TO EGI SERVICES
While EGI is designed to allow remote working, the covid-19 situation is not too different from the scenario during Christmas break, except that this will be standard for the time being. In addition videoconferencing and various Instant Messaging systems will be used extensively. These systems may suffer from a high load, or attacks in various forms, therefore review the settings and prepare fallback solutions to keep at least minimal communications to your relevant peers.
RECOMMENDATIONS:
- Use only Operating System versions with vendor security support.
- Apply regular updates to your OS and applications, in particular the applications you use to access the internet (RDP, web browser, mail client, instant messaging etc). This also applies to your mobile systems (phone, tablets etc).
- Make sure to regularly backup your local data. Disconnect the storage from the system after the back-up is finished. It is also important to occasionally test these backups if possible.
- Have different passwords for different services. Never re-use the password you use to access your home institutes, or EGI services. Use a password store, such as, keepass, 1Password, BitWarden or LastPass, to keep them safe.
- Protect your credentials – make sure they they are stored securely, and that you use strong passwords. The use of a password manager is also very useful in this regard as they often provide a strong password generator.
- Beware Phishing campaigns: The security teams have seen an increase of Phishing campaigns leveraging the COVID-19 crisis. While most of it is just spam and may be filtered out by organisational filters, you should also be aware that these campaigns also use the various social media technologies and thus require special attention. Some hints on how to spot malicious mails are available here.
- Video Conferencing: with the huge increase in the use of video conferencing as people have moved to work from home, take steps to avoid unwanted attendees from joining or even hijacking your conference call by, for example, setting a PIN or password. The popular Zoom system has a blog post on useful steps to take.
- Privacy and communications tools: Note that there have been a number of reports of privacy issues with the Zoom system with some additional guidance being published by third parties. Always make sure to understand the configuration of your communications tools, and make sure that these are also patched and up to date, especially in the current environment. Communication tools may see more frequent updates due to more frequent usage in the COVID-19 situation, so please check regularly for updates with the vendors.
Read more about securely working from home:
- SANS Security Awareness Deployment Guide
- 5 steps to securely work from home
- ENISA Top Tips for Cybersecurity when working remotely
EGI services and COVID-19
All the information about COVID-19 and its impact on EGI services will be regularly updated on EGI and COVID-19 website.
Report an incident
If you suspect an incident that may affect the EGI infrastructure, please report it immediately at abuse(at)egi.eu
Recent Comments