5 Recommendations for Maintaining Business Continuity with Remote Working
As the World Health Organisation raised the COVID-19 outbreak to global pandemic status last week, more businesses are taking precautions to help stop the spread of the virus and protect their employees. For many, this may be the first time they’re putting their business continuity plans into practice and realising they may not be as robust as they need to be.
Here are some of the key points businesses should be considering.
1. Work from home policy
Does your organisation have a clear work from home policy in place, that is available for all employees to access? What are your expectations for your employees’ availability and responsiveness, how do they access tech support if needed and are there clear lines of communication?
Having a clear, well-documented work from home policy is key – not only for your employees but also your business. Understanding what is required of your staff in order for your organisation to still work effectively is the most important component of any business continuity strategy.
2. Employees’ equipment and technology
Do your employees have the correct equipment for remote access to your systems? (Devices, home broadband etc.) Think about how you can facilitate this need for your employees if necessary, do you have the structure in place for your staff to use their own devices securely if they are unable to utilise company provided ones. If you provide company laptops, encourage your users to take them home with them at the end of the day when possible just in case the worst should happen and they are asked to quarantine.
3. Securing remote workers
Are your staff able to work remotely, securely? Do you have Multi-Factor Authentication (MFA), location controls and Data Loss Prevention solutions in place? If you haven’t already set up MFA controls on your business-critical applications and services that have access to sensitive information, it would be prudent to complete this as soon as possible.
Consider setting up access controls by geo-location or IP addresses for high-risk accounts such as admins or senior executives who may be a target for cyber-attackers. Think about the visibility you have into data flows, would you be able to detect a leakage of sensitive data, whether it’s malicious or accidental, and do you have controls in place to stop it. Consider adding security via a VPN to secure mobile or home Internet connections.
4. Communication tools
What communication tools do you have available for your staff to still collaborate with team members, clients, and vendors? These can vastly improve productivity and effectiveness with tasks. We’ve already seen a lot of customers move away from the reliance of email, which is so often exploited by cybercriminals, to tools such as Microsoft Teams, Slack, Webex, to improve efficiencies.
5. Be wary of unusual requests
Sadly, cybercriminals often utilise the smallest of disruptions to their advantage, and so will begin to prey on the uncertainty this pandemic creates. It is important to ask employees to be extra cautious when dealing with payment requests, or data handling. If they are receiving an unusual request or are just unsure, it’s much better to be safe than sorry, pick up the phone and speak to your colleagues to validate what is being asked is legitimate.
The most important element throughout this pandemic, or any other crisis, is clear communication with your employees. Reassure your staff that there is a business continuity plan in place and the organisation has a strategy available to ensure as little disruption to everyday work-life as possible.
You can also check out the Top 10 IT Considerations for Remote Working Readiness Summary here. This document provides additional, detailed and specific questions you should be asking your business.
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help