5 Recommendations for Maintaining Business Continuity with Remote Working
As the World Health Organisation raised the COVID-19 outbreak to global pandemic status last week, more businesses are taking precautions to help stop the spread of the virus and protect their employees. For many, this may be the first time they’re putting their business continuity plans into practice and realising they may not be as robust as they need to be.
Here are some of the key points businesses should be considering.
1. Work from home policy
Does your organisation have a clear work from home policy in place, that is available for all employees to access? What are your expectations for your employees’ availability and responsiveness, how do they access tech support if needed and are there clear lines of communication?
Having a clear, well-documented work from home policy is key – not only for your employees but also your business. Understanding what is required of your staff in order for your organisation to still work effectively is the most important component of any business continuity strategy.
2. Employees’ equipment and technology
Do your employees have the correct equipment for remote access to your systems? (Devices, home broadband etc.) Think about how you can facilitate this need for your employees if necessary, do you have the structure in place for your staff to use their own devices securely if they are unable to utilise company provided ones. If you provide company laptops, encourage your users to take them home with them at the end of the day when possible just in case the worst should happen and they are asked to quarantine.
3. Securing remote workers
Are your staff able to work remotely, securely? Do you have Multi-Factor Authentication (MFA), location controls and Data Loss Prevention solutions in place? If you haven’t already set up MFA controls on your business-critical applications and services that have access to sensitive information, it would be prudent to complete this as soon as possible.
Consider setting up access controls by geo-location or IP addresses for high-risk accounts such as admins or senior executives who may be a target for cyber-attackers. Think about the visibility you have into data flows, would you be able to detect a leakage of sensitive data, whether it’s malicious or accidental, and do you have controls in place to stop it. Consider adding security via a VPN to secure mobile or home Internet connections.
4. Communication tools
What communication tools do you have available for your staff to still collaborate with team members, clients, and vendors? These can vastly improve productivity and effectiveness with tasks. We’ve already seen a lot of customers move away from the reliance of email, which is so often exploited by cybercriminals, to tools such as Microsoft Teams, Slack, Webex, to improve efficiencies.
5. Be wary of unusual requests
Sadly, cybercriminals often utilise the smallest of disruptions to their advantage, and so will begin to prey on the uncertainty this pandemic creates. It is important to ask employees to be extra cautious when dealing with payment requests, or data handling. If they are receiving an unusual request or are just unsure, it’s much better to be safe than sorry, pick up the phone and speak to your colleagues to validate what is being asked is legitimate.
The most important element throughout this pandemic, or any other crisis, is clear communication with your employees. Reassure your staff that there is a business continuity plan in place and the organisation has a strategy available to ensure as little disruption to everyday work-life as possible.
You can also check out the Top 10 IT Considerations for Remote Working Readiness Summary here. This document provides additional, detailed and specific questions you should be asking your business.
see our
Related resources
In today’s digital age, we all use a vast amount of information to conduct our business activities, sharing, and interacting with data across multiple devices and networks. As such confidentiality, integrity and availability are key. You only have to look at recent news headlines to realise that even organisations with comprehensive security strategies are still vulnerable to cybersecurity breaches. Vulnerabilities can lie within the technology being used, the cyber-awareness of its employees, and the sophistication of attacks.
There are images of extensive, verbose documents, complex definitions, and eye-watering Excel sheets when the term GRC is mentioned. For the past two decades, GRC has been central to core business processes across many organisations at both ends of the enterprise spectrum, as well as in the small-to-medium business space in recent times.
But the world has moved on; organisations are forced to embrace digital disruption and agility if they haven’t done so whole-heartedly. And this very disruption is positioning GRC to become less-than-ideal to solve the challenges that said disruption brings with it.
Phishing attacks have increased dramatically over the last few years, with the global pandemic escalating the situation further. Cybercriminals take advantage of insecurities and fear and play on human nature to trick and deceive. In fact, according to the OAIC, phishing attacks that involved compromised credentials accounted for 30% of all cyber incidents in the first half of 2021. And human error formed a major source of these breaches. Unfortunately, due to the clever social engineering tactics used by cybercriminals, technical filters alone aren’t sufficient to protect against phishing.
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Last month CrowdStrike released its 2020 Global Threat Report, reflecting on the past year’s cybercrime and the types of attacks and techniques criminals have been utilising. In this blog post, we take a look at the key trends from the report and what they mean to Australian businesses.
We're Here To Help