Page 34 - Cyber Defense eMagazine for July 2020
P. 34
premises. In the home environment, extra care should be taken to secure customer and organizational
data.
Protection should be in place to avoid unauthorized access or disclosure of the information stored and
processed by the equipment. No other person should be able to access the equipment or view information
on the screen, and you should guard against eavesdropping. Do not openly discuss confidential or
Payment Card Information where you may be overheard.
Create Strong Passwords
Ensuring a strong and robust password protection policy might sound like common sense, however, the
weakest point of security on a corporate network is the end-user. Enforcing system-wide, managed
password policies can help to create a hardened perimeter on the network.
Support teams may have to do a little extra work to unlock and reset user accounts if the password is
forgotten, but instilling a complex password policy, and a regular, enforced password expiration date will
help to give the best protection to the remote workforce.
Introducing multi-factor authentication (MFA) for home workers can add extra security for business
assets. Using MFA to access cloud storage such as Onedrive, or when accessing Exchange email
systems and collaboration tools such as Slack, Teams, or Skype for Business, will add an extra layer of
security when out of the office.
Communication and the Training of Homeworkers
Lots of people have worked from home in the past, but for many, COVID-19 has forced employees to
use technology and work from home for the first time. For many, this change is extremely difficult to adapt
to. Not only at a technical level, but adapting to online meetings and working on your own.
This introduces many security risks. Employees may not remember all the rules of home working. They
may bring their device or they may unintentionally share confidential information on social media.
Clear and concise communication channels from senior management or HR should communicate a
consistent message defining what the expectations of the employee are. The messaging should describe
how the business intends to function during a lockdown and what the company priorities are.
Combine that with training sessions, online classes, or one-on-one training about how to use
collaboration tools, cloud productivity tools, and how working from home affects access to everyday user
applications.
Engaging with employees regularly is a great way to promote wellbeing at work, and keep productivity
and engagement throughout the business. This benefits morale, and importantly creates a greater
understanding of how to use computer systems securely.
Cyber Defense eMagazine –July 2020 Edition 34
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.