Managing Cyber Security As Office Work Resumes

Uploaded on 2021-05-04 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

COVID-19 vaccinations are increasing and many organisations have said that they will gradually move employees out of home working and back into the office. However, the future will see more staff splitting time between home and their office

While working from home, your employees may have developed poor cyber security habits and used personal devices to access corporate data. 

Before they return, take the opportunity to remind them about the latest security risks and share with them any updates that have been made to your organisation’s information and data security policies. 

Many organisations are providing training about new workplace rules to help prevent the transmission of COVID-19, but even these resources are vulnerable to cyber-attacks. Cyber criminals are now targeting safety training as a way to spread malware and steal data. Avoid these risks by clearly identifying the training materials and resources you provide and making them available through one online point rather than via email, if possible.

In addition to temperature checks and elevator spacing protocols, employees might be settling into new floors or buildings that have been updated to increase the physical distance between workers and offer “hot desking” or “open desking” where employees from various business units sit together. 

Routine discussions of sensitive information, including HR reviews, internal investigations, highly confidential trading data, material nonpublic information, and earnings projections, will happen, so security teams must consider how best to stagger or separate employees to prevent exposure.

With a return to the office, new hardware like enhanced videoconferencing devices and dedicated terminals must be managed appropriately:-

  • Ensuring inventories of physical hardware are updated to include newly deployed office infrastructure as well as the home office kit provided during the last year is essential. 
  • Deploy oversight controls for collaboration and chat platforms. From a software perspective, collaboration and chat tools like Zoom, Slack, Cisco Webex, and Microsoft Teams have provided the backbone for business communications during the pandemic. These platforms will continue to grow as the core connectors of employees in the hybrid work environment. 
  • Cyber security and compliance teams must observe the regulatory capture, retention, and supervision on these platforms, but should also anticipate the potential data leakage risks from information shared through screen shares, Webcams, chat, file shares, and whiteboards. 

Collectively, cyber security and compliance teams must begin the return-to-office planning process so that when employees arrive, everyone is prepared. Given that updating risk registers, implementing new technology tools, revising policies, and creating new training requires well-aligned, coordinated efforts, now is the time to define and begin executing on these tasks.

Dark ReadIng:      Compliance Week:         Redscan:     Image: Unsplash

You Might Also Read: 

Create A Cybersecurity Compliance Plan With These Seven Tips

 

« Dark Web Drug Dealers Jailed
The Cyber Security Paradigm Is Changing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

2|SEC Consulting (2-SEC)

2|SEC Consulting (2-SEC)

At 2|SEC Consulting, we deliver an end-to-end service of cyber and information security solutions which are tailored to each client’s exact security needs.

Kaseya

Kaseya

Kaseya is a premier provider of unified IT management and security software for managed service providers (MSPs) and small to medium-sized businesses (SMBS).

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

CYBERSEC Forum

CYBERSEC Forum

CYBERSEC Forum is an annual European Public Policy Conference dedicated to strategic aspects of cybersecurity.

National Security Authority (NBU) - Slovakia

National Security Authority (NBU) - Slovakia

The National Security Authority (NBU) is the central government body in Slovakia for the Protection of Classified Information, Cryptographic Services, Trust Services and Cyber Security.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Brimondo

Brimondo

At Brimondo we help you to maximize and protect your brand value by being a proactive and strategic partner within brand protection with experts within intellectual property and digital assets.

Schneider Downs

Schneider Downs

Schneider Downs & Co. provides accounting, tax and business advisory services through innovative thought leaders who deliver their expertise to meet the individual needs of each client.

Xiarch Solutions

Xiarch Solutions

Xiarch Security is an global security firm that educates clients, identifies security risks, informs intelligent business decisions, and enables you to reduce your attack surface.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

CyberTest

CyberTest

CyberTest offers cybersecurity consulting and penetration testing services that helps organizations and businesses securing their assets.

Techtron Business IT Services

Techtron Business IT Services

TECHTRON has been providing business IT services since 2004. Our focus is on SMBs and we are good at it. Our customers trust us, they love our high levels of service, and they love what we stand for.

Internet Watch Foundation (IWF)

Internet Watch Foundation (IWF)

Since the early days of the internet, our job has been to help child victims of sexual abuse by hunting down and removing any online record of the abuse.