Blog Posts Business Management

WFH Advisory – for IT Admins

Blog: NASSCOM Official Blog

Due to the global pandemic of COVID-19, the home has become the new office!

Work from home (WFH) has become the need of the hour and the utmost priority is to keep the workforce safe and ensure productivity. In light of these conditions, understanding the available options and working with quality IT services providers, we can safely navigate the cyber world and keep our businesses seamless and protected.

As an industry body, it is DSCI’s continuous endeavor to help you stay connected throughout the COVID-19 pandemic and support organizations and employees through best practices.

Below are some of the basic requirements to secure your network while allowing remote access to employees and guidelines for them to follow.

1. Secure Connection to Workplace

A. VPN Gateway:- should only be used on a company-owned hardware device Virtual Private Network (VPN) gateways create a secure connection to your network from employee devices that are on public networks.

B. Wi-Fi Connectivity:- Ensure you use a secure Wi-Fi network to connect to your organization network. Avoid Public Hotspots or open Wi-Fi.

C. Zoning or Subnetting: To keep network integrity protected, incorporating network segregation wherever appropriate (using subnetworks) to keep publicly accessible components off internal networks, and monitor and control communications at key boundary points.

D. Closure of Unwanted Ports:– It is strongly recommended to close unnecessary network ports with the help of your IT/Security teams.

E. End Point Security with Up-to-date Security and DLP Policies:– Antivirus should be up to date with remote access policy configuration for the auto-update of virus definition, the client machine should be properly patched before connecting to the organization network.

2. Portals /VDI: – Virtual Desktop should be the first choice

It is strongly recommended that employees should access company data and applications through a browser-based webpage or virtual desktop. Ensure that all applications and data are stored on the portal’s server and cannot be downloaded or saved on an employee’s device without permission. This is a good way to keep control over who is accessing your data and how it is used. It’s mandatory to restrict employee’s access to other programs while the portal is in use else there may be a high risk of overexposure.

3. Remote Access Services: – Choose secured and trusted third-party services

It is noteworthy to document remote access requirements, authorize remote access before allowing connections, monitor and control remote access, encrypt remote access connections from the organization’s firewall and threat detection. Try to ensure employee systems/desktops are fully protected and have the same protection as office workstations.

4. Direct Application Access: Low-Risk Employees can remotely login to a single application such as Webmail. The employee doesn’t have access to the entire network; the user can access the application as per his access profiles, so there is a very low risk to the internal network.

5. Live Support Mandate

6. Basic Mandate Hygiene – for organizations and employees alike

7. Right Work Environment:-

Working from home also largely involves sharing the space with other family members/housemates. It’s important to set guidelines to indicate when you are at work so as not to be disturbed. Hence there must be an isolated space for work.

8. The right set of tools and environments should be available to ensure smooth functioning, like a wireless headset for call center operations, quiet workplace, allowed only whitelisted devices in USB ports; Sys Admins should be proactive and allow USB ports only for authorized devices.

9. Please review and seek clarity for NDA/ legal undertaking to protect client/business information that you have signed while joining, and it is every employee’s responsibility to adhere to it strictly while working from home.

10. Ensure to be compliant as per company work from home policies.

11. Risk Assessment:- Risk assessment should be performed as part of selecting a remote access method (tunneling, application portals, remote desktop access, direct application access).

12. Awareness:- Be wary of COVID-19 precaution messages as they may contain malware

Be vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19. Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.

13. Information is Key:-

For a pandemic that the world is still grappling with and when there are new developments every day, it is obvious for everyone to keep a tab of the latest updates. However, social media, a multitude of news portals contain outdated or ill information. It is important to seek current information from trusted sources only. Refer to legitimate government websites, WHO, Ministry of Health —for up-to-date, fact-based information about COVID-19.

For any queries, please reach out to

Download a copy of this advisory and visit our website to read all advisories!

The post WFH Advisory – for IT Admins appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples