Keeping a Peaceful Home Office The 4 Essential Cybersecurity Measures for Remote Work
We’re all a bit exhausted.
You might be uncertain about: • How employees are using their time while working from home • How overall productivity will be affected • If more remote work means less social connection and a weaker culture • If your staff trusts that you have things under control • The security of your organization’s files and confidential information
Today’s focus: The security of your organization’s files and confidential information
Just as working from home isn’t just a temporary solution, cybersecurity is not just an issue now.
Agenda 1. The best ways to secure every employee’s workspace 2. How you should teach your teams to identify real security risks 3. What the Zero Trust Principle is, and if it’s the right approach for your organization 4. What a detailed & responsible WFH policy looks like **Stay until the end for an exclusive WFH resource!
7 Speakers Glenn Mudryk Robert Craig CEO IT Director
0. The Fundamentals of WFH What you need to know before we dive in.
Scenario A Your remote workers use corporate laptops that are managed by your organization.
Scenario B Your remote workers use their own machines.
Endpoint security measures often include anti- virus, application control, URL filtering, and other barriers to prevent hacking.
Data leakage is harder to manage. Data can leak if an employee sends emails to the wrong people or engages in risky behaviour.
1. Securing every workspace How to treat home offices like the real office
STEP 1) Set up remote access Authorizing your employees to access their office computer and network from a geographical distance.
STEP 2) Keep worlds separate Authorizing your employees to access their office computer and network from a geographical distance.
Using personal devices for work creates problems around document preservation and adds increased risk.
If you use remote access, your IT team should be: • Installing regular updates • Running antivirus scans • Blocking malicious sites • Transparent about their security measures
Work data is for work devices. Home data is for home devices.
2. Learn & teach security risks Know your cybersecurity. Pass it on.
STEP 1) Know the risks
Identify and avoid phishing emails and websites.
Avoid the use of personal email, file sharing or communication services, and always use business accounts.
Avoid saving passwords, work-related emails or documents to personal email accounts, cloud databases and devices.
Don’t leave devices and paper documents in vehicles, even for a short time, and even if the vehicle is locked.
Don’t send sensitive information over email. Implement a secure means to sending specific types of sensitive information.
Don’t use unsecured or public Wi-Fi while working.
Be conscious of clicking links and downloading files, particularly from unsolicited and suspicious emails.
Lock computers and paper documents when away from the desk, even if the home seems secure.
Verify the security of electronic devices by updating software frequently, ideally with automatic updates.
Only use work-approved software systems and communication platforms.
STEP 2) Add WFH to your cybersecurity training
Your cybersecurity workshop should: • Clearly communicate the potential impact of a cyber incident on your business • Train your employees to recognize and respond to a cyber attack • Issue specific rules for email, internet browsing, social networks and mobile devices • Plan for follow-up cybersecurity sessions (like lunch & learns or even an online forum)
Update your cyber-incident response plan. Data breaches can lead to lawsuits and fines, productivity loss, and serious reputational damage.
STEP 2) Provide a take-home cybersecurity guide* *Available after the presentation!
3. The Zero-Trust Principle And what it means for your business
In today’s world, the remote worker needs to be able to do everything they can do from their desk if you want your organization to remain productive and competitive …. … But allowing employees to access critical business systems and data from machines and networks you don’t manage or trust means the risk grows exponentially. — Alex Willis Blackberry Vice President of Sales Engineering
The Zero-Trust Principle Organizations should not automatically trust anything inside or outside its perimeters, and instead must verify anything and everything trying to connect to its systems before granting access.
Some Zero-Trust measures • Multi-factor authentication • Encryption • Identity Access Management • Analytics
Zero Trust is a transformation of infrastructure .
4. How to Create a WFH Policy For a remote work-friendly future
What is a Work-From-Home Policy (or Telecommuting Policy)?
i) Questions to determine if telecommuting is appropriate
ii) A procedure for requesting to work from home or remotely
iii) Employment terms (in case working from home would have any effect on compensation or benefits)
To determine if it’s appropriate to allow an employee to work from home, the policy should consider…
• What are acceptable reasons for telecommuting? • Is the employee eligible for regular telecommuting, by nature of their job? • Does the employee have the necessary equipment or software installed at home? • Will collaboration with the employee’s team suffer greatly?
We know that remote work is a big adjustment for many people.
How we can help 1) Protecting your mission-critical business data in secure cloud storage
How we can help 2) Securing your endpoints with Zero-Trust measures
How we can help 2) Monitoring your network to prevent outages (at the office and at home)
Summary: The Four FIVE Essential Measures 1. Secure every employee’s workspace 2. Learn and teach cybersecurity risks 3. Apply the Zero-Trust approach for digital transformation 4. Create & enforce a WFH policy The 5th and most important : 5. Ask for professional help when you need it.
Q&A
Thanks for coming.
Recommend
More recommend