For years, we’ve seen the number of remote employees increased, but in 2020, we saw it explode.
Consequently, we saw the number of cyberattacks on remote employees increase like never before – a trend we don’t anticipate changing.
To respond to the rapid transition many of our clients went through to enable their employees to work remotely, we began offering a teleworker assessment.
This assessment is much less comprehensive than our Purple Team and Blue Team Hive Assessments. It solely focuses on the technical components related to your remote workforce and offers a way to secure that portion of your IT environment.
However, it offers the same attention to detail and security posture analysis as our more extensive security assessments.
Pros & Cons of a Teleworker Risk Assessment
Are you wondering if this assessment is right for you?
If you have a remote workforce and are looking for a way to evaluate its security, here are some pros and cons for you to consider before signing up for this service.
Benefits of a Teleworker Risk Assessment
When you sign up for our teleworker risk assessment, you can expect the following benefits:
- Budget-friendly: The teleworker risk assessment is our least expensive security analysis. This makes it a great option for businesses who aren’t ready to commit to a Purple Team or Blue Team Hive Assessment.
- Quick results: The smaller scope of a teleworker assessment allows our security team to quickly find vulnerabilities related to this type of analysis. The assessment itself is completed in a single day.
- Security recommendations: Like our other security assessments, our teleworker risk assessment comes with risk reduction recommendations. These will be focused on your remote workforce technology.
Problems with a Teleworker Risk Assessment
Our teleworker risk assessment is a great way to discover you
- Small scope: A teleworker assessment solely focuses on security issues related to your remote workforce. As a result, you should not consider this assessment a complete overview of your IT environment’s vulnerabilities.
- Time restraints: This assessment is a one-day analysis of your remote technology. Our team will look at as much as possible during the one day, but at times, they may not be able to review everything.
- Cost of remediation: When possible, our security team will recommend free or inexpensive ways to address the vulnerabilities they discovered. However, some problems will inevitably come with a price tag to resolve.
Cost of a Teleworker Risk Assessment
Our teleworker risk assessment is structured differently than our other evaluations, and the price reflects that.
For small and large businesses alike, we spend eight hours going through as much of your remote workforce IT environment as we can.
As a result, we charge a base price of $1,800 for every customer, regardless of the number of users you have.
However, if you want to incorporate other components of security assessments, such as penetration testing, we’ll work with you to adjust the price for the additional services.
Scope of a Teleworker Risk Assessment
Our teleworker assessment addresses the increased attack surface businesses with remote workforces have.
To do this, we look at four specific areas:
- How do you automate the monitoring of your security controls?
Specifically, we’re looking for how your organization secures users’ remote connections, tracks failed login attempts, and uses multi-factor authentication for user verification.
- What are your encryption practices?
All of your organization’s data exists in one of three stages: at rest, in transit, or in use. Remote connections make data at rest or in transit vulnerable to exploits, so we’ll assess how you’re encrypting files in those stages.
- How do you manage access to control points?
Users are every company’s biggest vulnerability. In a remote workforce, this is even more pronounced since those users are on their own networks. Our teleworker assessment addresses this vulnerability by looking at how your users are routing their remote access and segmenting or “walling off” their traffic.
- Who has privileged access and command control?
This area of the assessment looks at who can access what within your IT environment. We’re looking if users have only as much access as they need for their job and if account administrators use a second, separate account for administrative tasks.
Resources about Teleworker Risk Assessments
For more information about our Teleworker Risk Assessment, check out the following resources:
Request an Estimate
The KR Group is the only IT consulting company that empowers business leaders to make informed technology decisions by providing premium educational resources and personalized services.