Table 3.
Implementing “Secure Remote Desktop Protocol” to WFH users.
| Stages | Description |
|---|---|
| Stage 1 | The IT department is required to organize a short online module with quizzes and answers to teach working from home users about remote desktop protocol attacks and its potential to spread ransomware |
| Stage 2 | All working from home users are required to complete the short modules with quizzes and answers before moving to stage 3 |
| Stage 3 | Using any online face-to-face medium, the IT department are required to personally teach working from home users about the concept of remote desktop protocol. Repeat if working from home users have not yet understand the concept of Remote Desktop Protocol |
| Stage 4 | Using any online face-to-face medium, the IT department must now demonstrate how to respond appropriately to potential remote desktop protocol attacks. For instance, the IT may say that if a suspicious source asks the working from home user to change their port number to 3389 where one should not comply with the demand. Repeat if working from home users have not understood how to respond appropriately to potential remote desktop protocol attacks |
| Stage 5 | Using any online face-to-face medium, the IT department are required to go through all the “Secure Remote Desktop Protocol” with working from home users. For instance, IT may show to working from home user how to correctly use Diceware to generate their new passphrase. Repeat if working from home user have not understood how to appropriately apply the security measures from “Secure Remote Desktop Protocol” |
| Stage 6 | At this stage, working from home user would now have a strong comprehension about the concept of remote desktop protocol, how to appropriately respond to it, and how to appropriately apply the security measures from “Secure Remote Desktop Protocol” |
| Stage 7 | Every 6 months, the IT department must go through stage 2 with working from home users to ensure that they are up to date with their skills. Stage 3, 4 and 5 are other optional stages working from home user may wish to go through again to help retrain themselves |
| Stage 8 | In the future, an organization may recruit new working from home users. The IT department is required to go through stage 2–7 with the new working from home users |