While moving work into employee’s homes in light of the global COVID-19 pandemic was abrupt, the move back into the office has also been difficult for some. With regions suffering from new outbreaks, like Victoria, it’s important to have key strategies to avoid potential cyber security risks when returning to the office.
How Do Organisations Do This?
Before reopening, organisations should review their data, hardware and software, facilities management and staff requirements. All of these are subject to change throughout the Work From Home (WFH) process, and should be carefully analysed to ensure health and proper functionality.
Also, many organisations turned to bring your own device (BYOD) policies during lockdowns. This policy should be reviewed to ensure all assets are correctly logged.
Multi-factor authentication was an essential part of many WFH security strategies, and this policy should be kept in place.
If your organisation migrated systems online to help with remote access these systems should be assessed for security health.
Remote access capabilities and solutions, like remote desktop protocols (RDPs) and VPNs should also be kept in place, in case new COVID-19 cases emerge in your area. This means RDPs, which is vulnerable to password theft and server exploitation, must be reviewed.
Changing from a WFH environment to a World From Office (WFO) environment can mean new systems are added to the network. Ensure these new systems are added to a regular vulnerability scanning schedule, and penetration tested by a cyber security expert.
The COVID-19 pandemic forced businesses to test their readiness to adapt to abrupt working environment changes. Take this opportunity to review your performance, analysing where you did well and where improvement can be made in the event of reinfection.
Unfortunately, the pandemic increased most organisations’ cyber-attack vulnerability. Phishing, malware and ransomware all increased. Incident response playbooks should be reviewed with new training scenarios to prepare staff for specific attacks seen in recent months.
To ensure your business is ready and protected for your employees to return to work, hire a cyber security expert to implement penetration testing. We will test all possible vulnerabilities before the hackers have a chance to penetrate your business.