Managing Cyber Security As Office Work Resumes

COVID-19 vaccinations are increasing and many organisations have said that they will gradually move employees out of home working and back into the office. However, the future will see more staff splitting time between home and their office

While working from home, your employees may have developed poor cyber security habits and used personal devices to access corporate data. 

Before they return, take the opportunity to remind them about the latest security risks and share with them any updates that have been made to your organisation’s information and data security policies. 

Many organisations are providing training about new workplace rules to help prevent the transmission of COVID-19, but even these resources are vulnerable to cyber-attacks. Cyber criminals are now targeting safety training as a way to spread malware and steal data. Avoid these risks by clearly identifying the training materials and resources you provide and making them available through one online point rather than via email, if possible.

In addition to temperature checks and elevator spacing protocols, employees might be settling into new floors or buildings that have been updated to increase the physical distance between workers and offer “hot desking” or “open desking” where employees from various business units sit together. 

Routine discussions of sensitive information, including HR reviews, internal investigations, highly confidential trading data, material nonpublic information, and earnings projections, will happen, so security teams must consider how best to stagger or separate employees to prevent exposure.

With a return to the office, new hardware like enhanced videoconferencing devices and dedicated terminals must be managed appropriately:-

  • Ensuring inventories of physical hardware are updated to include newly deployed office infrastructure as well as the home office kit provided during the last year is essential. 
  • Deploy oversight controls for collaboration and chat platforms. From a software perspective, collaboration and chat tools like Zoom, Slack, Cisco Webex, and Microsoft Teams have provided the backbone for business communications during the pandemic. These platforms will continue to grow as the core connectors of employees in the hybrid work environment. 
  • Cyber security and compliance teams must observe the regulatory capture, retention, and supervision on these platforms, but should also anticipate the potential data leakage risks from information shared through screen shares, Webcams, chat, file shares, and whiteboards. 

Collectively, cyber security and compliance teams must begin the return-to-office planning process so that when employees arrive, everyone is prepared. Given that updating risk registers, implementing new technology tools, revising policies, and creating new training requires well-aligned, coordinated efforts, now is the time to define and begin executing on these tasks.

Dark ReadIng:      Compliance Week:         Redscan:     Image: Unsplash

You Might Also Read: 

Create A Cybersecurity Compliance Plan With These Seven Tips

 

« Dark Web Drug Dealers Jailed
The Cyber Security Paradigm Is Changing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Akamai

Akamai

Akamai are the leading provider of services for delivering, optimizing and securing online content and business applications across any device, anywhere.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

Datex

Datex

Datex DataStealth provides organizations with an enhanced level of security and privacy for both structured and unstructured data and documents.

Culinda

Culinda

Culinda secures medical IoT devices in hospitals with An Artificial Intelligence platform and security gateway.

Outsource UK

Outsource UK

Outsource UK is an independent recruitment company supplying highly-skilled technology, change and engineering talent to clients within a range of specialist sectors including Cyber Security.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Cyber Griffin

Cyber Griffin

Founded by the City of London Police in 2017, Cyber Griffin is an initiative that supports businesses and individuals in the Square Mile to protect themselves from cyber crime.

4Securitas

4Securitas

4Securitas is an innovative cyber security firm focused on protecting critical data at the core of every organisation.