So, your organization has decided to work from home, likely in response to COVID-19 and the pandemic we are all facing. I know, you were expecting pajama pants, slippers, and total comfort. Turns out that, while yes you have those things, it’s just like regular work. Only now it feels like you were separated from the group, almost as if you did something wrong. On top of that? What about security? Are we not facing the ever-present threat of that bad guys trying to get at our personal info, and other protected data? Well there are steps we a can take, even with working from home, to keep out network safe. This list was compiled with that in mind. So, sit back, sip your coffee, and enjoy those PJ’s and slippers while we review some things that can keep your work at home secure.
The Checklist:
As COVID-19 continues to spread our goal is not only to enable work from home safely, but to enable continued service to our clients. So, lets start our list in the most basic of places.
1. Have a remote accessible workspace available to your staff
This can mean several things. VPN, RDP, or even cloud collaboration spaces. I know this seems like a “have you check to make sure its plugged in” kind of moment but this is important to mention. Not everyone knows where to start (and that’s ok).
2. Consider using video calling
Working from home doesn’t have to mean absence from meetings, 1 on 1’s, and even co-worker conversation. Seeing and being seen can be powerful when you consider the alternative. Yes, this means you must wear pants, but it also means that the common side-effect of feeling disconnected while at home can be managed better when you can reach out to others and see them too.
3. Prepare your staff for working from home
Make sure they have access to phone numbers, voicemail, and whatever communication methods your organization uses. In addition, the security that goes along with those things outside of the building. Wearing jammies is no excuse for no security.
4. Understand that remote workers are a security risk
Not because they are bad pantsless people. No, but their PC’s and devices are often already victims of things like malware or worse without them having any idea. This is especially the case when the PC in question is shared with other family members.
5. IT should now be at red alert
Yeah you heard me. Shields up, photon torpedoes loaded. It doesn’t matter if your IT is internal or an MSP, this is the time to be extra vigilant.
This list is by no means all encompassing. There are other things to be mentioned. Cyber security insurance, which is a good idea. Make sure it covers social engineering and make sure it’s enough coverage. Also, events like this are a good reason to look at your business continuity or disaster recovery policies. Make sure they are up to date and accessible, and that your team knows them and what’s expected.