COVID-19: Cybersecurity Checklist for Remote Working
COVID-19 has forced many workforces to work remotely. For many companies, this shift would normally require long-term IT transformation efforts. But this has not been possible due to the pandemic's speed.
While many companies are reconfiguring networks and systems to serve the needs of remote workforces, the transformation' success is often limited by less-than-optimal technology capabilities.
Companies' IT infrastructure may be stressed by significantly increased demand, while cyber-threat actors actively seek to exploit weaknesses in newly implemented or temporary IT infrastructures. Below are some recommended steps, considerations, and tips to help protect your organisation from malicious cyber threats.
Risk and Governance
- Update and communicate acceptable use policies for employees and address the use of home computing devices.
- Identify functions requiring secure IT environments that remote working may not provide, and develop ways of performing them.
- Anticipate how entities on which your business depends – cloud, network infrastructure providers, and others – may be affected by COVID-19 disruptions, and develop resiliency options.
- Refresh and update cyber incident response and disaster recovery plans to address current operational needs.
- Regularly communicate cybersecurity awareness messages to employees to reinforce security procedures.
- Provide secure access solutions with sufficient capacity for the increased number of remote users.
- Offer security protection on endpoints.
- Enforce software updates to remote workers.
- Reassess rules such as geo-blocking that could prevent remote access.
- Increase IT helpdesk capacity and hours of operation to handle increased services required by remote workers.
- Ensure that cybersecurity alerts and audit logs of critical systems – for example, VPNs, firewalls, endpoint security tools, and critical business applications – are centrally collected and analysed to detect and respond to suspicious/malicious activity.
- Review/update VPN profiles and firewall rules to ensure employees are assigned appropriate privileges based on their roles.
- Implement procedures requiring approval from data/system owners for provisioning and de-provisioning of remote VPN, and other accounts related to critical business applications.
- Enable multi-factor authentication for VPN and critical information systems.
- Disable split tunnelling for VPN profiles to ensure remote employees cannot access the internet directly from their laptops while using VPNs to access corporate information systems.
- Create a shared channel – for example, #phishing-attacks – or email address where employees can report suspicious emails.
Develop tailored cybersecurity awareness messaging for all remote workers and deliver it online. Include topics such as:
- Detecting and avoiding elevated phishing threats, including COVID-19 scams and fraudulent websites.
- Ensuring secure use of Wi-Fi, both at home and in public.
- Not using company computers for personal email, file sharing sites, or social media without approval.
- Saving and securing needed printouts of work files or emails and shredding others.
- Not copying work files or information to personal devices, including home network drives and personal online storage.
- Muting or shutting down in-home digital assistants that may continuously record nearby conversations.
- Not permitting family members or others to use company-provided equipment, including laptops and phones.
- Eliminating default home Wi-Fi router passwords and performing other home security checks.
- Confirming screen locks are enabled to ensure workstations are secured when not in use.
- Never leaving laptops and mobile devices unattended in public spaces or unlocked at home.
- Using company-approved cloud services or data centre storage instead of local storage, particularly for sensitive information such as personally identifiable information, protected health information, financial data, and trade secrets.
- Avoiding the use of USB sticks and other removable storage.
Companies cannot ignore the cyber challenges associated with a largely or entirely remote workforce. In the long term, changes made in response to the pandemic should be viewed through a resiliency lens, with an eye to building more flexible and secure business operations.