Work from Home - Cybersecurity & IT Risk Management & Best Practices

Insights: From the desk of Joseph Rossi


AVOIDANCE

  Invest in a robust VPN solution that includes two-factor authentication. Make sure there is surplus bandwidth & capacity. (The remote network is the new corporate real estate.)

  Use company-issued devices to whatever extent possible:

o   Avoid the Fraud Triangle: BYOD contributes to both opportunity & rationalization.

o   If personal devices are permitted, make sure standardized security tools and appropriate use procedures are in place.

  Store all work data in approved work locations and do not send sensitive information via unencrypted email.

REDUCTION

  Ensure all devices used for work purposes have adequate endpoint protection software and are subject to robust vulnerability management.

  Awareness Training –

  Require extra-long secure passwords/pass phrases.

  Educate staff on anti-phishing knowledge to better spot and avoid scams.

  Set guidelines for use etiquette to discourage most personal use of company equipment such as personal email or web access.

  Review home network settings to correct and upgrade as needed.

  Always avoid public wi-fi and guest networks.

  Have a remote compromise & leavers plan for asset recovery in case of a security breach or turnover of a remote company device.

  Enable remote wipe for company-issued phones & mobile devices.

TRANSFER

  Consider transferring the residual cyber risk by purchasing cyber insurance coverage.

RETENTION

  Conduct regular cyber risk reviews to know your complete risk profile and retain as little risk as is practical for your business.

By Mark Maxwell, Outside Technologies