Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Remote Working PSIRT Information

The novel coronavirus COVID-19 has led to many countries around the world mandating that citizens practice social distancing and stay at home. This has led to a huge surge in remote working. Organisations are rapidly adopting new technology solutions that allow users to access company resources and participate in remote meetings.

IT and Security Teams may not be familiar with the security arrangements, or where to keep up to date on security updates, for these new solutions.

This page aggregates a list of the most popular solutions in the following categories:

For each vendor there are links to:

  • Vendor-provided guidance and tips for securely configuring their software
  • Support sites where security advisories and updates can be found
  • Any notification options to have this information delivered to you automatically

How you can help

Please see the Contributing section below.

Video Conferencing (VC)

Vendor Configuration Security Advisories Notification Options
Bluejeans Security options for BlueJeans Meetings Bluejeans Security Advisories (Unknown)
Cisco Webex Cisco Webex Best Practices for Secure Meetings Cisco Webex Security Advisories, Responses and Notices (Unknown)
Google GSuite Security Center (Enterprise customers) (Unknown) (Unknown)
GoToMeeting GoToMeeting Web Conferencing Security (PDF) GoToMeeting Release Notes Click 'Subscribe' from Release Notes
Microsoft Teams Security and compliance in Microsoft Teams Security Update Guide (Teams is not listed as a product) Microsoft Technical Security Notifications
Slack Slack Security tips to protect your workspace Slack updates and changes (Unknown)
Zoom Security in Zoom Zoom Help Centre - Security Click 'Follow' on right-hand side

Virtual Private Network (VPN)

Vendor Configuration Security Advisories Notification Options
Check Point CheckPoint Remote Access VPN Administration Guide Check Point Advisories Subscribe
Cisco Cisco AnyConnect Configuration Guide Cisco Security Advisories Subscribe RSS API
F5 Networks (Unknown) AskF5 New & Updated Articles (needs manual filter for ‘Security Advisory under Document Type) Subscribe
Fortinet FortiGate / FortiOS Tele-Working Guides FortiGuard PSIRT Advisories RSS
Palo Alto Networks (Unknown) Palo Alto Networks Security Advisories Subscribe RSS
pfSense Configuring an OpenVPN Remote Access Server pfSense Security Advisories Subscribe via Netgate
Pulse Secure Pulse Connect Secure: Security configuration best practices Pulse Secure Security Advisories RSS
WatchGuard (Unknown) WatchGuard Security Portal (Unknown)

Remote Access Gateway (RAG)

Vendor Configuration Security Advisories Notification Options
Akamai (Unknown) Akamai Release Notes (Unknown)
Citrix Citrix Virtual Apps and Desktop: Security considerations and best practices Citrix Trust Center (Unknown)
ZScaler Step-by-Step Configuration Guide for ZIA Zscaler Trust Security Advisories RSS

Contributing

Items marked (Unknown) need further research! You can help contribute to this list and make it easier for administrators to find and securely configure remote working solutions.

If you'd like to make a suggestion, or correct something, then raise an issue.

Pull requests are also very welcome! Though to aid review, please:

  • Submit one PR per section you are updating
  • Add new vendors in alphabetical order
  • Keep the table format: VENDOR | CONFIGURATION | ADVISORY | NOTIFICATION
  • Only link to vendor, or national technical authority (e.g. NCSC, NIST, etc) resources

License

This resource is freely available under the Creative Commons Zero License (CC.0), so please use, share, modify and improve it!