As many employees transfer back to a more traditional business setting from remote work environments, adjustments to cybersecurity protocols are going to be necessary. Organizations will need to evaluate any temporary provisions that were put into place during the COVID-19 pandemic, including any shortcuts that were taken and processes that were circumvented, and whether such protocols should be reversed or enhanced. Companies that deal with sensitive data, such as financial information, health information or any data linked to the personal identity of individuals should be especially cautious, as this type of information is highly sought after by cybercriminals and other bad actors. The following provides a closer look at some of the cybersecurity areas that may need a closer examination.
Remote access and network security
Some companies may have already utilized Virtual Private Networks (VPNs) for associates to work remotely at a client site or while traveling. However, as stay-at-home orders forced many out of their offices, accommodations were likely made to facilitate access to systems and data that might not have been traditionally permissible under normal circumstances. During the height of the pandemic, nearly all staff members may have been sent home with a laptop, or been given permission to access network drives, mail servers or databases from a personal device. All instances where permissions were granted to personal devices should be monitored closely for now, reevaluated and ultimately removed when employees have transferred back into the office.
All equipment that was left in the office, such as desktop computers, should be updated with the latest software and scanned for potential malware before use. It is also important to keep track of equipment that was relocated out of the office for remote purposes, specifically devices that contain sensitive information, such as laptops and portable hard drives. Organizations should consider scanning devices for malware and applying patches and updates before reconnecting them to internal networks. The use of offline data storage techniques should be discontinued and regular protocols put back in place to match previous security standards if deviations were allowed when working from home. Data that has been stored offline by employees will also need to be retrieved so that there are no information discrepancies or data loss.
When returning to the office, it is important to determine if the protocols used to accommodate the remote work environment are still necessary. This may have included adding privileges to user accounts or simply a larger amount of data being hosted and transferred outside of the office.
It will also be crucial to ensure that security policies and procedures are documented — or updated for those organizations that already have documented security programs — to reflect the established control environment. Any exceptions or concessions made for those that will continue to access the network remotely or circumvent any established security control should be documented accordingly.
Documentation for business continuity
Managers should document any issues identified with remote working arrangements and solicit feedback to address noted challenges and lessons learned in the event that business is disrupted in the future. As uncertainty with the normalization of business environments continues, clients as well as employees will be curious about future business continuity, incident response and disaster recovery plans, as well as how quickly a remote environment can be facilitated again. This is an opportunity for your company to learn from the experience of working virtually and isolate what was effective, and what was not effective, from a technical standpoint.
It is likely that cybersecurity will be a relevant concern for cloud computing solutions, as many companies broadened their use of cloud systems to facilitate a variety of working conditions. Information technology departments will want to stay current on new developments regarding system security so that internal network security can be enhanced to better support employees who may have to complete business objectives outside of the office.
Some changes may be here to stay
Whether another emergency situation requires businesses to provide for remote working conditions or employees willingly migrate outside of the office, a careful evaluation of security controls by a third party — such as cybersecurity assessments, vulnerability assessments and penetration testing, or social engineering procedures — will be essential to keep your organization protected from information security threats.