Practicing good remote access hygiene in times of uncertainty

As the business world reacts to the current health crisis, companies are offering remote access to any role that can work from home. Taking a cue from the changing environment, cyber-criminals are already taking advantage. Already (03/15/2020) the US Health and Human Services Department suffered a cyber-attack with the intention of distributing false information.

Here are some recommendations on continuing to practice good information security hygiene as more of the access moves outside of the physical office.

Security Awareness Training

Access and Data Storage

Incident Response Planning

CEO Fraud Prevention

The need to immediately increase remote access capabilities is here, much sooner than a lot of companies were prepared for. But just as it is not prudent to take shortcuts to meet a deadline from your boss, now is not the time to sacrifice security for expedience or convenience. We have already seen examples of people sharing links to private company meetings via social media sites, virtually opening the meeting to anyone who happens upon the link. It is essential that these users who now have new methods of access, understand and protect that access. The bad guys are actively looking to prey upon those who are unprepared.

Risks and Considerations for IT: A Pandemic

What can IT do to prepare?

We all know the stats of the Coronavirus, although they are changing by the minute. We know what to do personally and for our families but what about for our Company?

Many customers do have Business Continuity Plans or Enterprise Risk management plans, but do they include plans for a Pandemic such as this?

A few things to consider:

  1. Remote access for employees. Can employees continue their normal work from home? Phones for customer calls? Do you have enough licenses to support large numbers of SSL VPN connections?
  2. Customer & vendor meetings. Many companies have started to stop all onsite meetings to protect their employees. This is where collaboration software is king. Do you have enough licenses for GoToMeetings, Zoom, or others?
  3. Communications plans. (Pre and Post Pandemic) Is there effective means to communicate with employees should the business (or schools) require to close its doors? Email, mobile phones, Teams, etc?
  4. Insurance. Many corporate insurances plans (Business interruption clauses) have Pandemic inclusions…. does yours? Maybe dust it off and know your coverage.
  5. Travel Insurance. Even if your company has not issued a stop on travel many other companies have. Can existing travel plans be changed without forfeiture or fees?

Just a few things to think about for your best practice preparedness plans.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram