Here at CRIBB Cyber Security, we have worked with IT teams from healthcare, travel, retail and the cruise industry for years. Our experts strive to deliver the right results. During this difficult time for the world, we have pledged to work together to keep both our staff and our clients safe. We recently switched to a complete remote working set-up. In ‘Coronavirus & Remote Working’, we look at how you might achieve the same. You’ll even find some handy hints from our cyber security experts to keep in mind!
A huge global impact
The Coronavirus pandemic has thus far had a huge impact on the globe. Unfortunately, it seems as though the next few months will continue to be a struggle. Causing unprecedented mass disruption, COVID-19 and its various after-effects are things that we are all battling against together. Within that spirit of togetherness hopefully lies the key to us all pulling through.
Our teams at theICEway have always embraced this philosophy and are doing so ever-more wholeheartedly now. We have a remote working policy in place for our offices in the UK, Europe, Australia and the US. This provides just one example of the effort we are collectively making to beat this virus.
By staying away from crowds and public gatherings, we are all trying to stay healthy and safe. We are encouraging everybody else to do the same; remember, you might not consider yourself to be ‘at risk’ but the other people around you may fall into that category.
Working from home (WFH)
Staying at home rather than going into the office is something that we all daydream about at one time or another. Now though, it has become a necessity and perhaps doesn’t feel quite so idyllic – does it? There are only so many exercise routines to get into before you yearn for an alternative source of stimulus. At least, that’s how we feel…!
Working from home is looked upon differently depending upon your situation and point of view. At this moment in time it is the reality for many of us. Therefore, a key question must be: How can you work efficiently whilst working remotely? And a key cyber-security question must be: How can you work securely whilst working remotely?
Here our resident cyber security guru, Patrick Carolan, attempts to answer at least one of these questions.
Patrick, last week theICEway implemented a full remote working policy. This is to protect the well-being of both our staff and others. From a cyber security perspective, how can you ensure a safe and secure environment?
Fortunately, theICEway is made up of tech companies that already have the infrastructure and policy needed for remote working. Then the staff were encouraged to take whatever equipment was needed to be able to work as normal as possible. That meant we were in a very strong position to cope when it became clear that remote working was going to be required.
For those companies not in that position, they should start off by considering some key points.
Key points to consider for companies considering a WFH effort
- What is the status of their infrastructure RE: Remote working – do they need to acquire extra PCs or laptops that are suitable and secure enough to give to staff?
- Do they have a remote working policy in place? Does it need to be updated? Do they have the appropriate knowledge or a qualified person to do that? If not, or if they do not have such a policy in the first place, are they in a position to get one drafted up and then communicated to all relevant staff?
A communication plan / strategy would probably need to be in place for that and for keeping in contact with all relevant staff, correct?
Absolutely, along with a timetable showing who should be working remotely and when. Planning is vital with this, as it is with all projects really. You must not activate a remote working effort without having a robust plan. That plan should address all of the logistics from both a human and a machine perspective. That means all participating staff should know what they are doing and which security measures to follow.
Can you give us any examples of the security measures they should be following?
Any member of staff using company devices outside of the workplace will be exposing them to greater risk. Therefore, these devices need to be protected against these risks. It is the responsibility of the company to make sure that the devices have full-disk encryption. The company must then ensure the employees log out when not using them. They should also never leave any device unattended or on public display. In addition, there also needs to be a strong password policy in place that staff are aware of and follow. This is due to the fact that passwords need to be updated on a regular basis.
How companies should approach WFH
Assuming that there will be many people asked to work from home who have never done so before, are there any tips you can give companies on how best to tackle this?
It’s an interesting point, companies should definitely think about asking those people to conduct an audit of their home environment. They would need to check for vulnerabilities before connecting work devices. For example, do they have the latest firmware or software on their own devices? Do they have strong enough passwords on them? There are lots of IoT considerations to keep in mind, plus companies could also consider implementing the use of a connected home monitoring app. I’d certainly suggest that measure for those companies dealing with large scale data processing, or sensitive data. These should also initially establish whether or not a member of staff needs access to the internal network or simply access to cloud-based services and emails. Another question to keep in mind would be: Does this person need the same level of access to sensitive data remotely as they do in the workplace?
There are a great many considerations to go over with regards to Coronavirus & remote working. Hopefully, the above transcript provides a good basis to start from if remote working is all new to you. Of course, even if it is something that you embraced long ago, it is well worth revisiting to ensure that your efforts are up-to-date and fully compliant.
‘Coronavirus & Remote Working’ Glossary
theICEway ecosystem of companies – a collection of brands providing IT solutions and working together with your IT team to deliver
Full-disk encryption – This ensures that company data is not accessible even if a device falls into the wrong hands
IoT – Internet of Things
Connected home monitoring app – An app that is used to manage all of your connected, household devices by allowing you to set rules based upon sensor readings and previous interactions. Examples include Olisto and Yonomi.
If you are facing challenges due to Coronavirus & remote working, then CRIBB Cyber Security and theICEway can offer advice. Contact our experts today!