Measures to keep your business on outside the office
Train your employees on how to work remotely, conduct online instructing, provide your team with all the detailed information on how to avoid malicious sites and steer clear of phishing attacks making the pandemic alerts the focus of your suspicion:
Any email or message containing information about donations, refunds, charities and news on the healthcare situation should be treated with some share of inquisitiveness: in case it concerns any banking details, contact a bank first.
VPN is a must when moving to remote work as data traffic gets particularly vulnerable. Captured data is transferred via the Internet using VPN.
If you use (and we advise you to do) monitoring software on your corporate endpoints which employees take home for work, make sure that your security efforts are not put in vain and all the other software is patched with updates. At the same time hardware and software inventorying is recommended for proper control.
UEBA technology is responsible for human factor negating — user behavior can change as an employee might feel more carefree or negligent outside the office. The technology detects suspicious activity such as abnormal amount of emails sent or implausible event sequence pointing at possible access sharing.
Make access rights management central in your control strategy. Use the solutions which helps you track account activity, file editing and access to a database, ensure correct task allocation among users.
Remember to maintain a specific approach to user performance and safety while working at home as it differs from productivity and information security issues in the workplace:
Employees can work fewer or more work hours, their workday might start early in the morning while someone will be working till late — time tracking software can be indispensable in many companies.
Remind the team that confidential information should be kept hidden from friends and relatives who live with them at home. If your staff members prefer to work with their own devices — personal laptops, smartphones — ask them to be watchful about their gadgets.
If employees work with their personal devices from home, they should connect to a terminal server or VDI with the installed software which transfers data to the server which belongs to your monitoring solution.
When accessing corporate assets workers should be identified through a two-factor authentication. Like this a password wouldn’t be enough for a cybercriminal to compromise the connection.
Ensure cloud servers security as cloud storages are among the most popular solutions while working remotely. Monitor data transfer and manage your corporate folders and files in the cloud.
Integrated DLP is a selective solution for specific needs — you may choose channels which require control. Remote work demands that cloud, Skype, laptop versions of popular messengers, corporate email should be monitored and properly protected.
Consider MDM solutions if it is relevant. In case you wouldn’t like to resort to mobile device management set your company’s policies in accordance with the current security force majeure — minimise the risks regarding unauthorised access to sensitive data.