Top 10 IT Risk Considerations When Returning to Work
With the return to work now underway, many organisations are looking at how they can be prepared for this from a technical point of view. IT risks should be fully considered, with preventing and mitigating the risk of a cyber-attack needing consideration when returning to work post-pandemic.
Evidence shows there has been a material increase in cyber-attacks with Google alone reportedly blocking over 18 million malicious COVID-19 related emails. It is vital therefore that businesses do not open themselves up to avoidable risks.
To help mitigate any IT risks when returning to work, we have put together a list of the top ten considerations from an IT perspective that all businesses should consider:
Have clear policies in place for the re-introduction of devices into the office environment
Re-introducing devices into the office environment after they have been on a potentially unsecure home network carries risk, so ensure that clear policies are set out when bringing devices back to your office location.
Set out clear rules for the collection of data from remote (home) locations
When collecting data from devices in remote (home) locations it is important to consider how data will be transferred from the location back to the office safely and securely. Having robust back up procedures in place will help with this.
Have clear instructions for the destruction of data on uncontrolled/BYOD devices
A data destruction policy is vital for any data that is held on an uncontrolled BYOD device. At best, this should be included in your BYOD policy and ensure that employees are aware that organisations will want to access any BYOD devices to destroy and delete any company held data on them.
Develop a clear communications and training plan for cyber security
Keeping up with the latest cyber threats and risks is hard as they change on a daily basis, but communicating these to staff as they return to the office and educating them about managing the growing cyber threat is key. Organisations such as the National Cyber Security Centre and the Cloud Security Alliance can help with best guidance and practice for this.
Update ISMS/BCMS certifications and speak to your certification body
If certifications such as ISO27001 need to be updated, now is the perfect time to speak to certification bodies about these and make any necessary updates and adjustments in order to stay compliant.
Re-visit cyber security strategies to ensure that no stone is left unturned, including the “insider threat”
Many organisations do not consider how the “insider threat” will impact them, either maliciously or by accident. Ensure that any cyber security strategies are robust enough so should the worst happen from an insider threat to be fully prepared for it.
Have a Robust Backup Strategy
Ensuring backup strategies are fit for purpose is also very important, particularly if you use Office 365. As more content is added to Office 365 IT teams should ensure that all data is backed up regularly.
Set up a device sanitising area
With equipment and devices potentially going between the office and a home/remote location, setting up a sanitising area for employees outside the front door of the office will help with mitigating the risk of transmitting the virus.
Review your IT infrastructure needs
Post-pandemic it may become evident that IT infrastructures need to change. For example, if a level of ongoing remote/home working is going to be introduced on a regular basis the number of devices organisations require is likely to drop. This is a good time to review IT infrastructure and look at what can be done to improve it.
Embed any IT and remote working learnings
There was a big rush to get employees working from home when the COVID-19 outbreak first happened, and there will be many lessons learnt as a result of this. Ensure that what went well is fully considered when the move to work from home was made and learn from what didn’t go so well.
To help with your return to work IT risk planning, download our survey report now.
To learn how the FortressAS Home solution can help you improve the well-being of your home-workers, reduce your office costs, and improve your operational resilience, download our brochure here. To find out more about the FortressAS Home Solution visit https://fortressas.com/fortressas-home-service/.