The new “work from home” (WFH) paradigm introduces new experiences for corporate users who now must work from home.  For corporate users following best security practices and requiring 2FA based VPN or cloud technologies — it is “business as usual” … however, the article shares excellent awareness of security risks & possibly more user lockouts — due to working thru new techniques.  Every organization must ensure WFH access techniques are as secure as possible — as security attacks have not abated, and if anything worsening under COVID-19. 

https://redmondmag.com/articles/2020/04/24/password-resets-for-remote-workers.aspx

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/secure-channel-expired-machine-account-password-concerns/ba-p/1333535

Microsoft this week explained how the machine password mechanism for Windows systems works, and the effects when people have shifted to working remotely.  A shift to remote work likely happened for many organizations in March due to the coronavirus disease pandemic. Employees took company laptops and PCs home, but IT preparations to support remote work scenarios may have lagged.

Organizations may have lacked virtual private network (VPN) support, which is considered a requirement by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to support remote workers. Microsoft also recently addressed how patching remote clients can be affected by the use of VPNs in terms of the potential network bandwidth drag. A somewhat unaddressed issue is business reliance on the security of home routers that likely are being used by remote workers to connect to a company network.