Page 34 - Cyber Defense eMagazine for July 2020
P. 34

premises. In the home environment, extra care should be taken to secure customer and organizational
            data.

            Protection should be in place to avoid unauthorized access or disclosure of the information stored and
            processed by the equipment. No other person should be able to access the equipment or view information
            on  the  screen,  and  you  should  guard  against  eavesdropping.  Do  not  openly  discuss  confidential  or
            Payment Card Information where you may be overheard.




            Create Strong Passwords

            Ensuring a strong and robust password protection policy might sound like common sense, however, the
            weakest  point  of  security  on  a  corporate  network  is  the  end-user.  Enforcing  system-wide,  managed
            password policies can help to create a hardened perimeter on the network.

            Support teams may have to do a little extra work to unlock and reset user accounts if the password is
            forgotten, but instilling a complex password policy, and a regular, enforced password expiration date will
            help to give the best protection to the remote workforce.

            Introducing  multi-factor  authentication  (MFA)  for  home  workers  can  add  extra  security  for  business
            assets.  Using  MFA  to  access  cloud  storage  such  as  Onedrive,  or  when  accessing  Exchange  email
            systems and collaboration tools such as Slack, Teams, or Skype for Business, will add an extra layer of
            security when out of the office.



            Communication and the Training of Homeworkers

            Lots of people have worked from home in the past, but for many, COVID-19 has forced employees to
            use technology and work from home for the first time. For many, this change is extremely difficult to adapt
            to. Not only at a technical level, but adapting to online meetings and working on your own.

            This introduces many security risks. Employees may not remember all the rules of home working. They
            may bring their device or they may unintentionally share confidential information on social media.

            Clear  and  concise  communication  channels  from  senior  management  or  HR  should  communicate  a
            consistent message defining what the expectations of the employee are. The messaging should describe
            how the business intends to function during a lockdown and what the company priorities are.

            Combine  that  with  training  sessions,  online  classes,  or  one-on-one  training  about  how  to  use
            collaboration tools, cloud productivity tools, and how working from home affects access to everyday user
            applications.

            Engaging with employees regularly is a great way to promote wellbeing at work, and keep productivity
            and  engagement  throughout  the  business.  This  benefits  morale,  and  importantly  creates  a  greater
            understanding of how to use computer systems securely.






            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         34
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   29   30   31   32   33   34   35   36   37   38   39