FEATURE : INSIDER THREATS
Also , check to see if employees have given away passwords to family members using work computers . Did employees change their passwords ? Did they use the same passwords across work accounts and personal accounts ? Did they install any new software or remove any during the remote work period ? Administrators need to know before they let employees back on their networks .
Next , make sure to scan all relevant devices for unauthorized apps and software . Employees needed to get creative with work solutions , so they may have tapped resources that help them get through everyday tasks but aren ’ t up to security standards . Run endpoint detection scans on all returning devices to uncover any hidden vulnerabilities .
Ensure cloud data management and backups are sound
This is a time for IT administrators to make sure all data management and backup services are in good
order . If a rogue device does put any data at risk , you ’ ll want to make sure to have backups in service and programed with practices that will ensure that the data in question is protected and fully available . Keep the so-called ‘ 3-2-1 rule ’ in mind : Make sure to
maintain at least three copies of business data , store critical business data on at least two different types of Rick Vanover , Senior Director for Product Strategy ( L ), and Dave Russell , Vice President of Enterprise Strategy
Cybercriminals often target endpoints , so IT teams need to scan all corporate and personal employee devices that will be brought back to the network .
Improve employees ’ digital hygiene
While employees may have let their proverbial hair down during remote work , they ’ ll need to rededicate themselves to proper digital hygiene . Push them to use separate passwords for home and work devices . And make sure they ’ re using conventions that are complex and hard-to-crack . Bring back regular training to ensure that they ’ ll be able to spot phishing emails and other threats . Set up guidelines for using public Wi-Fi and for downloading materials . As employees return to work , it ’ s up to the administrators to refine IT practices , one by one , to protect against the top threats in the organization .
Monitor all activities
The best way to spot problems is to set up a system to flag them as they happen . This practice can be applied to workers ’ tools – and behaviors – as they reintegrate themselves with all of the company ’ s applications . Take advantage of monitoring tools that track changes in usage and applications .
If an employee makes a change in an application , you ’ ll want to know . It could be a bug altering a piece of code . Or it could be a change that you made – purposefully or inadvertently – that you ’ ll want to reset . Get in the habit of checking your monitoring tools at least a couple of times a day . It takes a minute , but it allows you to continually reassess your cybersecurity footprint . storage media and keep one copy of the backups in an off-site location . To that , in the ransomware era , we ’ d expand 3-2-1 to 3-2-1-1-0 : Adding another one to the rule where one of the media is offline and ensuring that all recoverability solutions have zero errors .
Conclusion
While IT administrators are looking forward to watercooler talk and on-site collaboration as much as anybody else , they ’ re understandably concerned about the cybersecurity implications of a more broadbased return to work . It could be a challenge . But with proper planning and follow-through , enterprises can manage the risk and solidify their strategies for protection going forward . p
CYBERCRIMINALS ARE WELL AWARE OF HOW INSECURE EMPLOYEE ENVIRONMENTS
HAVE BEEN .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 55