As more organizations are preparing to head back to the office, there are several aspects of returning to work that need to be evaluated first. In our previous blog “Cybersecurity Preparation for Returning to the Office” we looked at the various aspects of returning to a shared workspace; social distancing, document shredding, and policies & procedures. One important area to remember is technical considerations.
You should have a plan in place to address things such as remote connectivity use or system protection. That’s what we’ll be covering here; the top technical considerations for returning to the office.
1. Check Connections
When working from home, many employees may have found new ways to connect to the internet or office network. Something you should be asking yourself before these employees return to the office is: Are VPN's or personal remote management software being used that your company isn't aware of?
The longer these connections are established, the greater the chance of them being used as an attack vector. It's important to perform a full review of your environment. Be sure to leverage existing security tools to validate data is protected and restricted appropriately. This step can be done prior to returning to the shared work environment and should be monitored regularly with employees who work from home.
2. Inventory Software and Devices
On top of remote management software, you should also be checking for other software employees may have introduced to company devices. Perform a software inventory review on corporate devices as soon as possible. Evaluate whether software is approved or needs to be removed. It is also a good idea to review what devices are on your network to ensure they are approved devices.
Software such as a LogMeIn, TeamViewer, PCAnywhere, etc. should not be leveraged if it isn't managed by the business. If these aren’t configured properly they could be used as an attack vector into the device or even the corporate network. Certain EULA's/licensing may be in violation as well if these are being used for commercial use under a personal license. Contact your employees about what they have installed onto their company devices and do a scan once those devices are safely back on company premises.
3. Establish Protection
It is important to ensure all devices that communicate with the corporate network are routinely protected. That includes malware protection. Next generation anti-virus or endpoint detection and response software should be used to constantly monitor rogue or malicious activity.
Proper configurations, including alerting and monitoring, will assist with informing IT/Security teams immediately. This can help to address any issues but also minimizes the chances of an infected machine spreading to other devices.
4. Understand Limitations
Businesses should prepare for employees and their systems to come back to the office with potential threats, such as malware. This may leave IT and Security staff with limited resources to combat the issues.
Teams should evaluate whether a planned approach will ensure protections exist to identify compromised or infected systems before they can spread to the corporate network. Much like the ability to overwhelm hospitals, IT/Security teams can get overwhelmed during a malware outbreak. Introducing multiple infected devices without the proper protection on them or the corporate network could be devastating to a business.
Take the time to integrate devices back into the network slowly. Be sure scans are done properly, and not rushed to get the office space filled with employees again. Taking a methodical approach to scanning and re-integration may be the key to protecting your business from widespread cyber threats.
5. Prepare Staff
Many employees and businesses have taken certain liberties to ensure their business processes could continue to flow while working from home. These processes may not have been the most secure approach. It's important that any risks that were introduced are identified and mitigated.
Company culture, such as use of personal devices or incorrect data protection, may also have been hindered. Be sure to introduce additional user training once employees do return, to ensure these practices do not continue. This is also a great time to review how prepared your business was before the pandemic and ensure you take steps to be better prepared in case of future disruptions.
Planning out the best process to begin returning to the office should be a discussion between executives and IT/Security staff. Open communication will help them prepare the technical considerations that need to be established so the risk of a virus or other cyber-attack is limited. If you would like help determining the risks your business faces, or other cybersecurity concerns when returning to a shared work space, please feel free to reach out to the experts at Pratum!