In the wake of Coronavirus, the entire world is being impacted and as a precautionary measure, most of the organizations have allowed their employees to work from home. Whilst It’s critical for organizations to take precautionary measures the majority of the organizations have not considered the risks to their business with employees working from home. Many organizations have started procuring laptops to allow users to work from home and establish infrastructure for remote connectivity. Many organizations have overlooked some basic and key cybersecurity hygiene whilst setting up remote access.
When users work from home, they access the production environment over the internet (public network) which is considered a non-trusted network. Also, chances of data leakage are higher when the user works from home. We have been receiving several calls from our customers wanting to know about the best practices to protect data while working from home. Hence, we decided to release a few pointers which will help you to protect your valuable data. This is our small contribution to the community. So, they should not waste their time in research and can pay more attention to their loved ones. You can use the below checklist as Food for Thought and start building up a risk database and implement the controls to mitigate the risks.
- Are you allowing users to use their own devices like laptops/ desktops? If yes, how are you going to protect your valuable data from users to download/copy, etc?
- If you are providing company laptops, have you hardened them as per company policy?
- Have you implemented the controls to protect data residing on your portable devices?
- If you are renting any devices, then ensure you format them before and after the use.
- Have you conducted special information security awareness training for users working from home? Try to cover all the do’s and don’ts. Always explain to all users working from home your company’s expectations and acceptable usage policy.
- Have you established strong password policies?
- Have you implemented the controls to protect devices from zero-day attacks and malicious activities?
- Which type of VPN have you selected? Does it meet your requirements? And is it strong to protect you? Have you tested this recently?
- Do you have MFA? Contact us if you want to know more about it.
- We have observed a huge increase in phishing emails. Make your users aware of phishing emails. Instruct them not to click/ open any Corona advisory. It was observed that malicious users are sending out maps of Coronavirus spread which has malicious code. This is a critical message to all users linked to their corporate network whilst working from home do not open any such links or view any social networking forums whilst connected to their companies’ network.
- Send periodic Coronavirus update emails to your users from your organization. Let them know the best practices to prevent the spread of Coronavirus. It is a very difficult situation we all are facing currently, and we must support each other during this uncertain time with the coronavirus. If you are observing isolation, start pursuing your hobbies like painting, singing, etc. Stay away from social media.
We are just a phone call away. Call us on 1300 292 376 to know more about protecting your environment while working from home.
Take care, stay safe and say Namaste
(it means ‘my soul salutes the soul within you’ and don’t shake hands).