Working From Home: Tips on Security and Incident Response

Welcome to the new age, where the majority of the working population doesn’t have their colleagues at arm’s length anymore. We’ve gone radically digital, but are your processes and infrastructure ready for this?

Here are our tips to make sure you give your processes, infrastructure and security the attention they deserve. Both in day-to-day operations and in incident response.

Empower Day-to-Day Activities

Make sure that you and your colleagues can operate as usual. Have you thought about the following?

1. New Work Environments Mean Reconfiguration

You may have changed work stations and left your “precious” at work. Switching to a new device has a few challenges: what credentials are stored on your device only?

Think about key files (such as SSH keys or your AWS credentials). What about the services that can only be accessed from your office’s IP-range. Do you have a VPN configured? Are you sure it works correctly?

Some of our guys got new laptops a couple of months back and they had to lug around both their old and new device for a while. They hadn’t synced their new one entirely yet and needed to be ready at a moment’s notice when incidents happened.

It might not seem big now, but imagine what is going to happen when your incident response team needs to access stuff that they can’t…

2. Synchronize All Your Passwords & Shortcuts

That post-it that used to be attached to your monitor with your password, short cut, etc. might not be there (anymore). Make sure you document them all appropriately.

3. Call Your Colleagues

Need a code review? Have you thought about ringing your colleague for a three-minute chat rather than messaging back and forth for an hour? It saves you a lot of time (and possibly some frustration)!

On top of our daily digital standups, we’ve turned our classic water cooler chats into post-lunch hangouts. It’s important to socialize with your colleagues, even when you can’t physically see them!

4. Automation, Automation, Automation

Automate your processes so that your releases aren’t dependent on a single developer’s machine. It’ll help with your day to day, and when incidents do happen.

This isn’t a quick win like the ones above, but definitely a priority that should be in the front of mind!

Prepare For Emergencies

You’ve set yourself up to do your work – great! But what if all hell breaks loose? Prepare for the worst, hope for the best:

1. Don’t Forget Your Backup Codes

Set up backup codes so that, in the event that you’re locked out, you can get back in without too much hassle. Nobody wants that stress!

Are you using SecretHub? Here’s how to set up your backup codes.

2. Get Ready for Disaster Recovery

Have you got all your root secrets at hand when the sky comes falling down? You might not think that you need the password for that obscure little thing that you only use once every blue moon. There will, however, come a time that you do need it.

So do yourself and your future self a favor and store all your secrets in your vault. Not just the ones you think you might need when working from home, but also the ones that you need to do disaster recovery.

3. Prepare Your Incident Response From Home

Are your incident response procedures still doable in your Working From Home environment? Yes? Give someone the pleasure to try and break something and be sure rather than tentatively confident about your answer.

When we were still working in the office, we regularly tested our incident response procedures by breaking our infrastructure on purpose. One person - often snickering - hauled up in a different room to monitor how we did.

We’re not letting a working from home situation change this! We continue doing these Failure Fridays to see where holes can be poked. Oh, and it works wonders for team mentality and collaboration. Especially when you don’t actually sit next to each other.

4. Scale Up Your On-Call Team

Have you thought about the availability of your response team? With the global pandemic, expect team members to fall ill or have other obligations at home.

So when the server is on fire, they may not be able to help out. Ensure you’ve got people in reserve who can step up when needed.

Pay special attention to your critical processes! Do all your key processes have at least 2 admins?

All four suggestions can be tested with a Failure Friday. We’re sure you’ll learn something from it every single time!

Now Go Do It

We hope this will get you inspired to spend some time on security and incident response and give it some attention. Think of your future self, and how happy they’ll be when all hell breaks loose (again).

Do you have any questions on what more to do? We’re always happy to help you out! Just drop us a line anywhere.