Back

10 Free Security Resources for Remote Work

When you consider all the online threats out there (with phishing, Shadow IT, APTs, ransomware, and cryptominers, to name just a few), you must ensure you are employing necessary and effective tools capable of protecting....

6 min read
Published on Mar 30, 2020
10 Free Security Resources for Remote Work

When you consider all the online threats out there (with phishing, Shadow IT, APTs, ransomware, and cryptominers, to name just a few), you must ensure you are employing necessary and effective tools capable of protecting and defending yourself and your business online. This is particularly true as more organizations shift to remote work in response to COVID-19.

The good news is that accomplishing this goal is more than achievable. Also, it is affordable! Here are 10 free security resources that you can utilize for the software and computers used within your organization. Acquire some of these resources through Microsoft for your applications and licenses.

Your only cost is the time you need to learn these free security resources and how to apply them to your own organization. Let’s dig right in and tighten your company’s security even further than before.

Security Awareness Program

SANS, a provider of cyber security training, certification and research has long provided a Security Awareness Program for employees, but has also releases a “Security Awareness Work From Home Deployment Kit to hep keep your team members secure when moving to a work from home environment.

There are several approaches you can consider when facilitating this program. A great introduction to company security awareness is including this program as a key component of your new employee onboarding process. Another option is providing a continuing online training program which includes a series of recap quizzes to further test comprehension; this keeps all employees current and alert to the importance of proper security awareness. Developing an instinctive sense of the knowledge, attitude, and behaviors demanded to protect your organizations’ information weaves security awareness into your company culture.

Cybersecurity Awareness Training

A logical and necessary partner to a rigorous security awareness program, employing cybersecurity awareness training elevates your company security awareness to the topmost level. By becoming aware of cybersecurity, you remain informed of possible threats and are better equipped to prevent them. Ninjio makes short anime style videos that detail real-world cyber-attacks and provides them in both enterprise and home user editions. These videos are frequently very kid friendly, giving a useful resource for workers who may also be juggling kids impacted by school closure. Their blog is also a good resource on new and emerging threats, including a great write up on new risks being seen during the COVID 19 pandemic.

Penetration Testing

One of the best ways of revealing the inherent weaknesses in your system (even the best and most secure systems can uncover weakness spots) is to perform penetration testing. This imitates a cyber attack, which in turn exposes vulnerabilities and errors on your end before a real one happens. This is similar to finding the vaccine to battle disease by mimicking its behavior and effects in a controlled environment. This process keeps you informed and also keeps your systems current to the latest threats.

Breached Password Test

It never fails that some users insist on user the same passwords for all of their logins. It’s understandable, since memorizing multiple passwords and user names can be challenging, but it’s also a very poor security practice making it easier for hackers to breach your organizations’ networks and get their hands on valuable data.

The plain fact is that passwords that are used frequently have a greater likelihood of being compromised. But by using this indispensable and essential breached password test you can find out fast who in your organization are using passwords that have been hacked. You can also find out if your company domains have been part of any data breach which included passwords used within your organization. Regularly running this resource can finally keep your company ahead of the hackers.

Phishing Security Test

Phishing scams continue to rank at the top of the list for successful data breaches. Rather than assume your efforts to prevent successful phishing attempts are effective, it is much better to put them to the test yourself by performing your own phishing security test before an outsider does it for real.

Receive a report within 24 hours which shows how prone your organization is to phishing attempts and offers an industry comparison of your strength against this insidious and all-too-often successful practice. One again, being informed is the first step to being armed against possible security breaches.

Microsoft also provides a Phishing attack simulator right in Microsoft Security Center. This tool has the benefit that since the attack originates within you system, you do not need to disable any phishing defenses in your environment prior to testing user response.

Ransomware Simulator

This is another situation where, when you think like a criminal, you can stop them in their tracks. One particularly nasty security breach which can be avoided by proactively testing your own security system is a ransomware simulator. This is a form of malware that blocks access and/or threatens to publish private data until a ransom is paid.

By running a ransomware simulator, you will see if your network is prepared to defend against such an attack. Note, this ransomware simulator DOES encrypt data, and should only be used if you know what you are doing.

Microsoft Security Compliance Toolkit

For network administrators working with Microsoft Windows and other Microsoft products, this Security Compliance Toolkit (SCT) allows them to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines.

The SCT offers two tools:

  • Policy Analyzer - this utility lets administrators analyze and compare sets of Group Policy Objects
  • Local Group Policy Object  - this is a command-line utility which helps automate Local Group Policy management

For more information concerning security baseline recommendations, we recommend you consult the Microsoft Security Baselines Blog.

Defenses Against Phishing in Office 365

reviewing security measures at night

For users of Office 365 programs, there are a couple of methods for protecting against phishing attempts:

  • Enterprise E5 Plan  - the Security and Compliance Center offers ATP anti-phishing
  • Office 365 ProPlus Plan - you will also find support for identity and authentication protection

In either situation, protecting Office 365 from phishing attacks should remain a top priority and use of these free security resources makes monitoring this practical.

Microsoft 365 Compliance Manager

You can find the Microsoft 365 Compliance Manager in the Microsoft Service Trust Portal. This workflow-based assessment tool gives you the ability to track, assign, and verify regulatory compliance activity. However, only as it relates to Microsoft professional services and Microsoft cloud services. This including Microsoft Office 365, Microsoft Dynamics 365, and Microsoft Azure.

This tool will help you achieve and maintain compliance goals, and even offers a compliance score to make tracking progress easier.

Kali Linux in Microsoft Azure

This free platform found within Microsoft Azure is based on Debian Linus. Kali Linux offers an outstanding set of more than 600 tools which include database assessment, forensics, and password attacks, all of which fit on a thumb drive, a Raspberry PI, or even in Microsoft Azure with an easy installation procedure. Watch our Tech Talk that details how to configure Kali Linux in Azure as well as how to run a proper phishing campaign complete with a copied credential page.

Find More Free Security Resources

As you can see, creating a secure and security-aware network and environment won’t cost you an arm and a leg. Security in the Cloud is as easy as partnering with Agile IT today. Contact us now so you can stop worrying about security breaches and start doing something about it!

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Azure Migration Planning A Complete Assessment Checklist for a Successful Transition

Azure Migration Planning A Complete Assessment Checklist for a Successful Transition

A successful Azure migration starts with proper planning. Use this step-by-step assessment checklist to evaluate infrastructure, dependencies, and tools before migrating.

Jun 23, 2025
7 min read
Migrate On-Premises VMs to Azure: Tips, Advice & Best Practices

Migrate On-Premises VMs to Azure: Tips, Advice & Best Practices

Learn how to migrate on-premises VMs to Azure with expert tips and best practices. Optimize your cloud migration strategy for security, performance, and cost efficiency.

Jun 20, 2025
9 min read
Azure Migration vs AWS Migration Key Differences

Comparing Azure Migration and AWS Migration Key Differences in Cloud Strategy

Comparing Azure and AWS for cloud migration? Learn the key differences in pricing, security, tools, and performance to choose the right platform for your business.

Jun 18, 2025
8 min read
Benefits and Challenges of Azure Cloud Migration

Key Benefits and Challenges of Migrating to Microsoft Azure

Migrating to Microsoft Azure offers scalability and security, but it comes with challenges. Explore the key benefits and hurdles of Azure cloud migration.

Jun 17, 2025
10 min read
Who Needs to Comply with CMMC Regulations? - Agile IT

Who Needs to Follow DoD Cybersecurity Requirements for CMMC Compliance

CMMC regulations apply to defense contractors, subcontractors, and suppliers handling DoD information. Find out who must comply and what certification level is required.

Jun 17, 2025
6 min read
What’s the Real Cost of CMMC Compliance?

The Real Cost of CMMC: Catching Up on What You Were Already Supposed to Be Doing

CMMC isn’t introducing new rules, it’s enforcing what should already be in place. Learn what’s really driving the cost of CMMC compliance.

Jun 16, 2025
4 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation