Remote Work Solutions Cheat Sheets
Our current events has brought about an immense challenge in companies to support their greatest asset, their people. With the onset of quarantines & social distancing to protect the general public, more companies are tuning to remote solutions to support their employees to remain secure and productive at nearly any location with internet connectivity.  You'll hear this as “Work From Home, Remote Office,Home Office, Telecommuting, or mobile work."  To make your conversations more effective with clients, here is a general guide of Ingram Micro’s vendors that support this initiative. The majority of these solutions are either software or cloud based so no need to worry about inventory!

Security Solutions For Everyone

Why Remote Work is Making Cyber Security ​More Important Than Ever Before

With more workers setting up shop in their homes due to coronavirus, protecting the network is becoming imperative for companies, especially for industries with protected data. Working remotely leaves networks vulnerable to a range of different types of hacking scenarios—especially if workers are dialing into official networks using personal devices that haven't been vetted or using WiFi networks that aren't secure. This larger remote workforce will be more vulnerable to phishing emails and texts that look legitimate but actually contain malicious software.

We have never seen, on this scale, the potential problems that can arise when an entire agency, company or government institution is working remotely.

Want to know what Ingram Micro has to offer? Take a look at our Security Linecard to see what solutions we can help you build.
Contact CyberSecurity@ingrammicro.com for Help Today
WFH Security Tips & Tools
☑️  Endpoint Security
  • Ideally endpoint that supports both Signatures and Machine Learning or AI to prevent zero day threats
  • ​Enable Firewall, USB Port Scanning/Blocking, Web Filtering, Application Control, Data Loss Prevention (DLP), Anti-Ransomware
  • Upgrade to EDR for deeper analysis if budget allows
    • Use MDR services if you don't have the staff to manage or monitor
☑️  E-mail Protection
  • Utilize phishing campaigns for awareness
  • Scan in both directions
    • Detection of compromised devices and prevents clients/customers from receiving spam
    • Turn on DLP to prevent sensitive data from leaving though email
  • Enable URL rewrites to protect against malicious DNS redirects
☑️  Virtual Private Networks (VPN)
  • Assume all non-corporate controlled networks are compromised
  • Use Split Tunnel VPN for non-sensitive websites to reduce overhead on HQ firewall
  • Enable Multi-Factor Authentication to validate access
  • Use VPN to validate device hygiene before granting access
☑️  Single Sign-On (SSO) & 2FA​
  • Eliminate Password Reuse & Complexity
  • Prevent Credential Compromise with 2FA
☑️  Mobile Device Management (MDM)
  • Ability to Locate, Lock, Patch, and Wipe devices
☑️  Vulnerability & Patch Management
  • Create a patch management policy with a set schedule & endpoint vulnerability assessment plan
  • Scan and assess network internally & externally
☑️  Enable Encryption
  • Disk: Protects data if a device is lost or stolen
  • File/Folder: If files are shared or removed from the device
☑️  Provide Secure Ways to Backup and Share Files
  • Cloud based backup and file sharing for remote devices
    • ​Ex. OneDrive with time expiring links
☑️  DNS Level Content Filtering
  • Prevent malicious and unwanted content from reaching the endpoint
  • Supports Mobile devices as well
☑️  Create Policies & FAQ Docs for Remote users
  • Review polices if they already exist
  • FAQ doc for end users to help reduce IT service requests
☑️  Review Incident Response Procedure 
  • Tie it all together with a SIEM for advanced threat hunting
    • Use Security Operations Center as a Service (SOCaaS) for 24x7 monitoring
  • Have a plan for remediation and risk management
    • Utilize governance, risk, and compliance (GRC) tools to manage risk
    • Have offline and remote copies in case of ransomware or disasters

Use our Security Line Card to find matching solutions

How to Secure Meetings from "ZoomBombing"
Zoom is an easy-to-use videoconferencing tool with a generous free tier. With people around the world isolating indoors to protect themselves against the spread of the corona virus, it has never been more popular. ​But its popularity has also attracted trolls. The phenomenon of “ZoomBombing,” in which an uninvited guest uses Zoom’s screen-sharing feature to broadcast shock videos, has been on the rise. Most Zoom meetings have a public link that, if clicked, allow anyone to join. Trolls have been collecting these links and sharing them in private chat groups, and then signing on to other people’s calls to cause mischief.

Zoom Safety Checklist

  1. Do not share the link or the meeting ID on public platforms
  2. Never use the personal meeting ID, instead allow Zoom to create a random number for each meeting​
  3. Add a meeting password
  4. Enabling “Co-Host” so you can assign others to help moderate​
  5. Set screen sharing to "host only"
  6. Disable “File Transfer” so there’s no digital virus sharing
  7. Disable "Join before host"
  8. Disable “Allow Removed Participants to Rejoin” so booted attendees can’t slip back in

Additional Collaboration Offerings

​Cisco WebEx Meetings and Teams
Microsoft Teams (free to education institutions)
BlueJeans
Intermedia
RingCentral
8x8
Microsoft OneDrive
Dropbox
Google GSuite
Google Chrome Enterprise

Protect remote workers from phishing,
​fraud, and cyberattacks.
More companies than ever have shifted to a remote workforce. That means communication typically done inside a secure corporate network is now being done at home—the perfect scenario for hackers to exploit weak points in a business’s communications protocol and access sensitive data. With that in mind, let’s look at how you and your customers can leverage remote work, boost cybersecurity and ensure fraud prevention while minimizing the risk of cyberthreats.

Your awareness is key
The threat hacking poses to all remote work is potentially huge. Hackers will exploit any and every situation they can. From natural disasters to local emergencies, they will craft emails claiming to provide valuable, relevant information regarding current events. Another popular tactic is to send emails posing as a government agency (e.g., the FBI or IRS), commanding users to open the email and click. This is what is known as ‘phishing’ and is a popular hacking method for exploiting the perimeter of your network (your firewall, website, etc.) in order to gain access.
 
Go phish
In a phishing scenario, you receive an email that claims to be from a legitimate source, but is designed to trick you into clicking on a link or downloading an attachment as a way of gaining entry. One way to spot a phishing email is to look at the sender: Is this someone you know? Is the email address even from your work email domain? If you’re unsure, don’t click any links or download attachments.
 
Phishing 2.0
Another wrinkle in phishing attacks: If someone you know (a co-worker or client you work with) gets hacked, the malware then automatically sends you an email from their email address. So, the email will look legitimate because it’s from someone you know, but it still contains malicious links or attachments. How can you spot this other type of phishing email? Look for other signs of strange behavior. Would this person normally insist for you to click a link or download a file? Another sign are emotional appeals urging you to “act now” or else—this tactic is banking on your instincts to trust the source AND act to avoid some kind of harm or unwanted outcome.
 
Watch out for keyloggers
Another popular trend is credential theft via a keylogger. A keylogger is a program that tracks every keystroke you make when you type on your keyboard. Once a keylogger is installed, a hacker can then scan your keystrokes to find out sensitive data, including usernames, passwords, etc. This is a less obvious cyberattack because the hacker can log in as you so you typically don’t notice anything is wrong until it’s too late. Hackers can install keyloggers when you click on phishing emails or download malicious attachments.
 
If you see something, say something
If your customers think they may have downloaded something malicious or clicked on a suspicious email, they should let your system administrator or IT staff know right away. This will allow your security staff to isolate the infected computer while tests are run on it to avoid spreading any malware further. Some signs of hacking could include a mouse moving on its own and opening files and apps, or if you lock your computer and notice it unlocks on its own. All corporate laptops should have some form of security or antivirus software installed—especially one that allows users to initiate a system scan themselves if they suspect the presence of malware.
 
Employee education
It’s important to educate remote workforces on the dangers of cyberattacks. Ingram Micro’s security experts recommend routinely sending emails to employees reminding them of threats. A built-in reporting system in your email client allowing employees to flag an email they find suspicious and send it to your security team for analysis is another good idea. You can also send out your own “fake” phishing emails to test employees. In the event someone clicks on your fake phishing scam, they would be sent to a site that educates them on the dangers of phishing.
 
The latest security tech
Sophisticated security technology is a must for effective fraud prevention. Most security architecture is invisible to employees, and that’s by design. There are certain aspects they can experience though, including Symantec software and security protocols like two-factor authentication. Companies work hard to secure their devices and their network, but the same isn’t true for personal devices. Employees should avoid using a personal device (phone, tablet or laptop) to do remote work. While convenient, unsecured devices are an easier target for hackers to exploit. And conversely, work computers shouldn’t be used for non-work activities. Logging into social media sites or personal email accounts also makes systems vulnerable to attack.
 
When in doubt, talk to the experts
If you have cybersecurity questions, let our experts help. Whether it’s digital transformation, updating your own workforce to be remote-capable, or securing your customers’ corporate computers and mobile devices, we’re here to support you. For questions, contact the Ingram Micro Consulting and Enablement Services team at cybersecurity@ingrammicro.com.

​Digital Transformation Solutions for Remote Work
Don't let travel restrictions or remote work disrupt business-critical operations. Rely on Ingram Micro's Digital Transformation Solutions remote capabilities to keep your resellers on track
  • Remote Installation: Our experts are ready to provide installation and configuration for Cisco, Citrix, VMware, Veeam, Office365, and other technologies on a fully remote basis.

  • Smart Hands: No travel? No problem. With Smart Hands services we deploy our resources onsite to connect with architects to complete configuration for products unavailable for full remote installation.
  • Penetration Testing and Cyber Risk Assessments: Security is a persistent need regardless of business atmosphere, and our experts can work to test the strength of your network architecture and security measures on a fully remote basis.
 
  • Social Engineering: Whether remote or in an office, employees have a responsibility to keep information safe and secure. Ensure partner employees are abiding by information security standards through a social engineering assessment using spoof emails or phone calls.
 
  • Managed Services: Whether it's help desk, managed security services, managed network services, or other managed service needs, we have a solution to keep business technology running smoothly regardless of external factors. Need repairs, hot swaps, or endpoint devices to be deployed? Ingram Micro's technology as a service (TaaS) and hardware as a service (HaaS) has your resellers covered.
  • Training Services: Ensure that all employee time is as productive as possible by assigning training activities. Whether vendor-led (Cisco, Microsoft, VMware, and many others) or business-agnostic (IoT, sales skills, technology basics), use employees’ available time to increase knowledge and strengthen your salesforce with web-based training.
 
  • Staff Augmentation: Support call center lines ringing off the hook? More engineers needed to enact a business continuity plan? We work with multiple staff augmentation partners to ensure that your business always has the staffing necessary to keep business running. Did you know: We staffed a hospital technology team to re-image computers after a ransomware crisis?
Want to Learn More?

Contact DXSolutions@ingrammicro.com or 1-800-456-8000 x76094 to discuss your resellers’ needs.

UCC Solutions For The Remote Worker
Have you noticed an increase in questions around Remote Worker Solutions? So have we!
These are teams that can support your questions, as well as the questions your reseller partners have for building out these solutions. As more resources are released, you will find them hosted on the UCC IM Connect page.
What components need to be added to a remote worker solution? What questions should I be asking my customer to identify what is needed? This chart will assist you in answering these questions and enahnce your trusted advisor status with your customers! 
While working remotely it is important to be conscious of the experience, both for the remote worker and the experience of the person or party they are connecting with.  Without being able to see and hear each other clearly, a remote meeting is tiring at best and unproductive at worst.  

The 5 Types of Remote Workers and What They Need

We've identified 5 types of remote workers and what considerations need to be taken when building out remote solutions for your customers. This is reseller facing for sharing with your resellers too!

Get Prepared with Our Remote Worker Checklist

Unsure where to start quoting a remote worker solution?
​Here is a checklist to address what you need for a good solution and what to add to make it great!
Contact our UCC Team Today: uccinfo@ingrammicro.com | Cloud UCaaS: Ext. 77099
Site Feedback Encouraged