Managing Cyber Security As Office Work Resumes

Uploaded on 2021-05-04 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

COVID-19 vaccinations are increasing and many organisations have said that they will gradually move employees out of home working and back into the office. However, the future will see more staff splitting time between home and their office

While working from home, your employees may have developed poor cyber security habits and used personal devices to access corporate data. 

Before they return, take the opportunity to remind them about the latest security risks and share with them any updates that have been made to your organisation’s information and data security policies. 

Many organisations are providing training about new workplace rules to help prevent the transmission of COVID-19, but even these resources are vulnerable to cyber-attacks. Cyber criminals are now targeting safety training as a way to spread malware and steal data. Avoid these risks by clearly identifying the training materials and resources you provide and making them available through one online point rather than via email, if possible.

In addition to temperature checks and elevator spacing protocols, employees might be settling into new floors or buildings that have been updated to increase the physical distance between workers and offer “hot desking” or “open desking” where employees from various business units sit together. 

Routine discussions of sensitive information, including HR reviews, internal investigations, highly confidential trading data, material nonpublic information, and earnings projections, will happen, so security teams must consider how best to stagger or separate employees to prevent exposure.

With a return to the office, new hardware like enhanced videoconferencing devices and dedicated terminals must be managed appropriately:-

  • Ensuring inventories of physical hardware are updated to include newly deployed office infrastructure as well as the home office kit provided during the last year is essential. 
  • Deploy oversight controls for collaboration and chat platforms. From a software perspective, collaboration and chat tools like Zoom, Slack, Cisco Webex, and Microsoft Teams have provided the backbone for business communications during the pandemic. These platforms will continue to grow as the core connectors of employees in the hybrid work environment. 
  • Cyber security and compliance teams must observe the regulatory capture, retention, and supervision on these platforms, but should also anticipate the potential data leakage risks from information shared through screen shares, Webcams, chat, file shares, and whiteboards. 

Collectively, cyber security and compliance teams must begin the return-to-office planning process so that when employees arrive, everyone is prepared. Given that updating risk registers, implementing new technology tools, revising policies, and creating new training requires well-aligned, coordinated efforts, now is the time to define and begin executing on these tasks.

Dark ReadIng:      Compliance Week:         Redscan:     Image: Unsplash

You Might Also Read: 

Create A Cybersecurity Compliance Plan With These Seven Tips

 

« Dark Web Drug Dealers Jailed
The Cyber Security Paradigm Is Changing »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

SecurityMetrics

SecurityMetrics

SecurityMetrics is leader in data security, PCI, and HIPAA compliance solutions

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

Versa Networks

Versa Networks

Versa is a software-defined networking vendor providing an end-to-end solution that both simplifies and secures the WAN/branch office network.

e-Crime Bureau

e-Crime Bureau

e-Crime Bureau is a specialized company offering cyber/computer forensics, cyber security consulting services, forensic audit and investigations services and training to clients across Africa.

Compnet

Compnet

Compnet is a service company that assists customers in integrating complete ICT systems including network infrastructure and security solutions.

CERT.lu

CERT.lu

CERT.lu is an initiative to enhance cyber security practices and techniques, and support security professionals in Luxembourg.

CERT Tonga

CERT Tonga

CERT Tonga is the national Computer Emergency Response Team for Tonga.

QuickLaunch

QuickLaunch

QuickLaunch transforms how cloud-savvy institutions and companies manage human and device authentication, authorization, access control and integration.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Glilot Capital Partners

Glilot Capital Partners

Glilot Capital Partners is an Israeli seed and early-stage VC. We specialize in businesses which disrupt enterprise technology, mainly in the fields of AI, big data and cybersecurity.

AUTOCRYPT

AUTOCRYPT

AUTOCRYPT is a mobility security provider dedicated to the safety of future transportation

Electrosoft Services

Electrosoft Services

Electrosoft provide mature, innovative technology-based services and solutions to power critical IT programs and keep our nation safe from cybersecurity attacks.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.